tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-28 08:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-6741-Vulnerabilidad-SQL-injection' into 'develop'

Browse Source 
Fix vulnerability

Closes pandora_enterprise#6741

See merge request artica/pandorafms!3622
This commit is contained in:
Daniel Rodriguez 2020-11-26 18:07:20 +01:00
commit d08e60f13a
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pandora_console/godmode/wizards/HostDevices.class.php
View File

@ -336,6 +336,12 @@ class HostDevices extends Wizard
) )
) )
); );
// Forbidden chars cleaning.
foreach ($network as $key => $singleNetwork) {
$network[$key] = preg_replace('/[-()\']/', '', $singleNetwork);
}
unlink($_FILES['network_csv']['tmp_name']); unlink($_FILES['network_csv']['tmp_name']);
if (empty($network) || is_array($network) === false) { if (empty($network) || is_array($network) === false) {
$this->msg = __( $this->msg = __(