github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-07-07 13:31:53 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions
6323 commits 2 branches 41 tags 24 MiB
Commit graph

18 commits

Author SHA1 Message Date
myvesta
e65af22a54
hash_equals() in /reset/mail/ 
Thanks to @divinity76
 2022-07-12 18:10:31 +02:00
Peca
db8b4ed21e Merge branch 'pr/34' 2019-08-10 17:09:42 +02:00
Serghey Rodin
b17b4b205d removed unnecessary single quotes for security reasons / thanks to Andrea Cardaci 2019-08-07 18:46:40 +03:00
dpeca
a57c8b775b
NO_AUTH_REQUIRED2 fix 2018-04-12 01:34:18 +02:00
dpeca
7688706ed3
put back my modification 2018-04-12 01:33:35 +02:00
dpeca
b2f2caf3bb
equalize with master 2018-04-12 01:29:49 +02:00
dpeca
b7c19a8e63
Allow /reset/mail/ only from localhost 
Block connection from outside, that could brute force password guessing
 2018-04-12 01:08:35 +02:00
dpeca
4fa549c570
Disable direct access through frontend nginx in /reset/mail/ 2018-04-12 00:09:35 +02:00
dpeca
8e293259bf
Merge branch 'master' into master 2018-04-11 23:51:43 +02:00
dpeca
14c8e56d84
Allow /reset/mail/ only from localhost 2018-04-11 21:34:07 +02:00
dpeca
fb2cdf6fe1
Allow /reset/mail/ only from localhost 2018-04-11 21:30:55 +02:00
dpeca
334e54bf93
define NO_AUTH_REQUIRED2 in reset email 2018-04-11 12:54:27 +02:00
Serghey Rodin
39e9b6397b Revert "[SECURITY] Fix OS command injection." 2015-12-11 21:14:49 +02:00
Flat
8e951ac72e 🔒 ♻️ Implement secure exec wrapper functions. 2015-12-02 21:30:04 +09:00
Serghey Rodin
1a7612cc66 password transmission via tmp files 2015-04-04 16:48:22 +03:00
Serghey Rodin
6e631c32a1 i18n + service manager + web updater 2013-01-29 00:18:09 +02:00
Serghey Rodin
e84f7e2709 removed deugg logging 2012-12-28 12:33:19 +02:00
Serghey Rodin
eb40d64132 password reset support for rouncube webmail 2012-12-28 11:39:01 +02:00