composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-23 10:38:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°6989 - Security hardening

Browse Source
This commit is contained in:
Molkobain
2023-11-22 18:02:50 +01:00
parent fc22d91232
commit 3b2da39469
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pages/exec.php
View File

@@ -48,8 +48,9 @@ session_write_close();
$sTargetPage = APPROOT.'env-'.$sEnvironment.'/'.$sModule.'/'.$sPage;
if (!file_exists($sTargetPage))
{
if (!file_exists($sTargetPage)
|| (strtolower(pathinfo($sTargetPage, PATHINFO_EXTENSION)) !== "php")
) {
// Do not recall the parameters (security takes precedence)
echo "Wrong module, page name or environment...";
exit;