github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-20 21:34:12 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

🔒 Fix OS command injection vulnerability.

Browse source
This commit is contained in:
Flat 2015-11-29 17:19:10 +09:00
commit 6e13036780
6 changed files with 9 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

1
web/edit/cron/index.php
View file

@ -53,6 +53,7 @@ if (!empty($_POST['save'])) {
}
$v_username = $user;
$v_job = escapeshellarg($_GET['job']);
$v_min = escapeshellarg($_POST['v_min']);
$v_hour = escapeshellarg($_POST['v_hour']);
$v_day = escapeshellarg($_POST['v_day']);