github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 02:28:05 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

🔒 Fix OS command injection vulnerability.

Browse source
This commit is contained in:
Flat 2015-11-29 17:19:10 +09:00
commit 6e13036780
6 changed files with 9 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

1
web/edit/cron/index.php
View file

@ -53,6 +53,7 @@ if (!empty($_POST['save'])) {
}
$v_username = $user;
$v_job = escapeshellarg($_GET['job']);
$v_min = escapeshellarg($_POST['v_min']);
$v_hour = escapeshellarg($_POST['v_hour']);
$v_day = escapeshellarg($_POST['v_day']);

4
web/edit/mail/index.php
View file

@ -233,7 +233,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco
$result = array_diff($aliases, $valiases);
foreach ($result as $alias) {
if ((empty($_SESSION['error_msg'])) && (!empty($alias))) {
exec (VESTA_CMD."v-add-mail-account-alias ".$v_username." ".$v_domain." ".$v_account." '".$alias."'", $output, $return_var);
exec (VESTA_CMD."v-add-mail-account-alias ".$v_username." ".$v_domain." ".$v_account." ".escapeshellarg($alias), $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
@ -259,7 +259,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco
$result = array_diff($fwd, $vfwd);
foreach ($result as $forward) {
if ((empty($_SESSION['error_msg'])) && (!empty($forward))) {
exec (VESTA_CMD."v-add-mail-account-forward ".$v_username." ".$v_domain." ".$v_account." '".$forward."'", $output, $return_var);
exec (VESTA_CMD."v-add-mail-account-forward ".$v_username." ".$v_domain." ".$v_account." ".escapeshellarg($forward), $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}

6
web/edit/web/index.php
View file

@ -188,14 +188,14 @@ if (!empty($_POST['save'])) {
$restart_web = 'yes';
$restart_proxy = 'yes';
$v_template = escapeshellarg($_POST['v_template']);
exec (VESTA_CMD."v-add-web-domain-alias ".$v_username." ".$v_domain." '".$alias."' 'no'", $output, $return_var);
exec (VESTA_CMD."v-add-web-domain-alias ".$v_username." ".$v_domain." ".escapeshellarg($alias)." 'no'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-list-dns-domain ".$v_username." ".$v_domain, $output, $return_var);
unset($output);
if ($return_var == 0) {
exec (VESTA_CMD."v-add-dns-on-web-alias ".$v_username." ".$alias." ".$v_ip." no", $output, $return_var);
exec (VESTA_CMD."v-add-dns-on-web-alias ".$v_username." ".escapeshellarg($alias)." ".$v_ip." no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$restart_dns = 'yes';
@ -520,7 +520,7 @@ if (!empty($_POST['save'])) {
$fp = fopen($v_ftp_password, "w");
fwrite($fp, $v_ftp_user_data['v_ftp_password']."\n");
fclose($fp);
exec (VESTA_CMD."v-add-web-domain-ftp ".$v_username." ".$v_domain." ".$v_ftp_username." ".$v_ftp_password . " " . $v_ftp_path, $output, $return_var);
exec (VESTA_CMD."v-add-web-domain-ftp ".$v_username." ".$v_domain." ".$v_ftp_user." ".$v_ftp_password . " " . $v_ftp_path, $output, $return_var);
check_return_code($return_var,$output);
if ((!empty($v_ftp_user_data['v_ftp_email'])) && (empty($_SESSION['error_msg']))) {
$to = $v_ftp_user_data['v_ftp_email'];