mirror of
https://github.com/serghey-rodin/vesta.git
synced 2025-08-21 05:44:07 -07:00
Revert "[SECURITY] Fix OS command injection."
This commit is contained in:
Serghey Rodin
parent
9620bfbf35
commit
39e9b6397b
115 changed files with 1980 additions and 1340 deletions
|
|
@ -6,17 +6,20 @@ session_start();
|
|||
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
||||
|
||||
if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
|
||||
$user = $_GET['user'];
|
||||
$user=$_GET['user'];
|
||||
}
|
||||
|
||||
if (!empty($_GET['system'])) {
|
||||
$v_system = $_GET['system'];
|
||||
v_exec('v-delete-user-backup-exclusions', [$user, $v_system]);
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_system = escapeshellarg($_GET['system']);
|
||||
exec (VESTA_CMD."v-delete-user-backup-exclusions ".$v_username." ".$v_system, $output, $return_var);
|
||||
}
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -6,23 +6,26 @@ session_start();
|
|||
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
||||
|
||||
if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
|
||||
$user = $_GET['user'];
|
||||
$user=$_GET['user'];
|
||||
}
|
||||
|
||||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
if (!empty($_GET['backup'])) {
|
||||
$v_backup = $_GET['backup'];
|
||||
v_exec('v-delete-user-backup', [$user, $v_backup]);
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_backup = escapeshellarg($_GET['backup']);
|
||||
exec (VESTA_CMD."v-delete-user-backup ".$v_username." ".$v_backup, $output, $return_var);
|
||||
}
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -6,8 +6,9 @@ session_start();
|
|||
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
||||
|
||||
if ($_SESSION['user'] == 'admin') {
|
||||
v_exec('v-delete-cron-vesta-autoupdate', [], false);
|
||||
exec (VESTA_CMD."v-delete-cron-vesta-autoupdate", $output, $return_var);
|
||||
$_SESSION['error_msg'] = __('Autoupdate has been successfully disabled');
|
||||
unset($output);
|
||||
}
|
||||
|
||||
header("Location: /list/updates/");
|
||||
|
|
|
|||
|
|
@ -6,23 +6,26 @@ session_start();
|
|||
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
||||
|
||||
if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
|
||||
$user = $_GET['user'];
|
||||
$user=$_GET['user'];
|
||||
}
|
||||
|
||||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
if (!empty($_GET['job'])) {
|
||||
$v_job = $_GET['job'];
|
||||
v_exec('v-delete-cron-job', [$user, $v_job]);
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_job = escapeshellarg($_GET['job']);
|
||||
exec (VESTA_CMD."v-delete-cron-job ".$v_username." ".$v_job, $output, $return_var);
|
||||
}
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -5,8 +5,9 @@ ob_start();
|
|||
session_start();
|
||||
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
||||
|
||||
v_exec('v-delete-cron-reports', [$user], false);
|
||||
exec (VESTA_CMD."v-delete-cron-reports ".$user, $output, $return_var);
|
||||
$_SESSION['error_msg'] = __('Cronjob email reporting has been successfully disabled');
|
||||
unset($output);
|
||||
|
||||
header("Location: /list/cron/");
|
||||
exit;
|
||||
|
|
|
|||
|
|
@ -6,23 +6,26 @@ session_start();
|
|||
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
||||
|
||||
if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
|
||||
$user = $_GET['user'];
|
||||
$user=$_GET['user'];
|
||||
}
|
||||
|
||||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
if (!empty($_GET['database'])) {
|
||||
$v_database = $_GET['database'];
|
||||
v_exec('v-delete-database', [$user, $v_database]);
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_database = escapeshellarg($_GET['database']);
|
||||
exec (VESTA_CMD."v-delete-database ".$v_username." ".$v_database, $output, $return_var);
|
||||
}
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,23 +7,26 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
|||
|
||||
// Delete as someone else?
|
||||
if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
|
||||
$user = $_GET['user'];
|
||||
$user=$_GET['user'];
|
||||
}
|
||||
|
||||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
// DNS domain
|
||||
if ((!empty($_GET['domain'])) && (empty($_GET['record_id']))) {
|
||||
$v_domain = $_GET['domain'];
|
||||
v_exec('v-delete-dns-domain', [$user, $v_domain]);
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_domain = escapeshellarg($_GET['domain']);
|
||||
exec (VESTA_CMD."v-delete-dns-domain ".$v_username." ".$v_domain, $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
header("Location: /list/dns/");
|
||||
|
|
@ -32,13 +35,15 @@ if ((!empty($_GET['domain'])) && (empty($_GET['record_id']))) {
|
|||
|
||||
// DNS record
|
||||
if ((!empty($_GET['domain'])) && (!empty($_GET['record_id']))) {
|
||||
$v_domain = $_GET['domain'];
|
||||
$v_record_id = $_GET['record_id'];
|
||||
v_exec('v-delete-dns-record', [$user, $v_domain, $v_record_id]);
|
||||
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_domain = escapeshellarg($_GET['domain']);
|
||||
$v_record_id = escapeshellarg($_GET['record_id']);
|
||||
exec (VESTA_CMD."v-delete-dns-record ".$v_username." ".$v_domain." ".$v_record_id, $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
header("Location: /list/dns/?domain=".$_GET['domain']);
|
||||
|
|
@ -47,7 +52,7 @@ if ((!empty($_GET['domain'])) && (!empty($_GET['record_id']))) {
|
|||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -5,10 +5,11 @@
|
|||
|
||||
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
||||
|
||||
$v_section = $_REQUEST['v_section'];
|
||||
$v_unit_id = $_REQUEST['v_unit_id'];
|
||||
unset($_SESSION['favourites'][strtoupper($_REQUEST['v_section'])][$_REQUEST['v_unit_id']]);
|
||||
|
||||
unset($_SESSION['favourites'][strtoupper((string)$v_section)][(string)$v_unit_id]);
|
||||
$v_section = escapeshellarg($_REQUEST['v_section']);
|
||||
$v_unit_id = escapeshellarg($_REQUEST['v_unit_id']);
|
||||
|
||||
v_exec('v-delete-user-favourites', [$_SESSION['user'], $v_section, $v_unit_id], false/*true*/);
|
||||
exec (VESTA_CMD."v-delete-user-favourites ".$_SESSION['user']." ".$v_section." ".$v_unit_id, $output, $return_var);
|
||||
// check_return_code($return_var,$output);
|
||||
?>
|
||||
|
|
@ -16,18 +16,20 @@ if ($_SESSION['user'] != 'admin') {
|
|||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
if ((!empty($_GET['ip'])) && (!empty($_GET['chain']))) {
|
||||
$v_ip = $_GET['ip'];
|
||||
$v_chain = $_GET['chain'];
|
||||
v_exec('v-delete-firewall-ban', [$v_ip, $v_chain]);
|
||||
$v_ip = escapeshellarg($_GET['ip']);
|
||||
$v_chain = escapeshellarg($_GET['chain']);
|
||||
exec (VESTA_CMD."v-delete-firewall-ban ".$v_ip." ".$v_chain, $output, $return_var);
|
||||
}
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -16,17 +16,19 @@ if ($_SESSION['user'] != 'admin') {
|
|||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
if (!empty($_GET['rule'])) {
|
||||
$v_rule = $_GET['rule'];
|
||||
v_exec('v-delete-firewall-rule', [$v_rule]);
|
||||
$v_rule = escapeshellarg($_GET['rule']);
|
||||
exec (VESTA_CMD."v-delete-firewall-rule ".$v_rule, $output, $return_var);
|
||||
}
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -8,19 +8,22 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
|||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
if ($_SESSION['user'] == 'admin') {
|
||||
if (!empty($_GET['ip'])) {
|
||||
$v_ip = $_GET['ip'];
|
||||
v_exec('v-delete-sys-ip', [$v_ip]);
|
||||
$v_ip = escapeshellarg($_GET['ip']);
|
||||
exec (VESTA_CMD."v-delete-sys-ip ".$v_ip, $output, $return_var);
|
||||
}
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
|
||||
}
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,22 +7,25 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
|||
|
||||
// Delete as someone else?
|
||||
if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
|
||||
$user = $_GET['user'];
|
||||
$user=$_GET['user'];
|
||||
}
|
||||
|
||||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
// Mail domain
|
||||
if ((!empty($_GET['domain'])) && (empty($_GET['account']))) {
|
||||
$v_domain = $_GET['domain'];
|
||||
v_exec('v-delete-mail-domain', [$user, $v_domain]);
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_domain = escapeshellarg($_GET['domain']);
|
||||
exec (VESTA_CMD."v-delete-mail-domain ".$v_username." ".$v_domain, $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
header("Location: /list/mail/");
|
||||
|
|
@ -31,12 +34,15 @@ if ((!empty($_GET['domain'])) && (empty($_GET['account']))) {
|
|||
|
||||
// Mail account
|
||||
if ((!empty($_GET['domain'])) && (!empty($_GET['account']))) {
|
||||
$v_domain = $_GET['domain'];
|
||||
$v_account = $_GET['account'];
|
||||
v_exec('v-delete-mail-account', [$user, $v_domain, $v_account]);
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_domain = escapeshellarg($_GET['domain']);
|
||||
$v_account = escapeshellarg($_GET['account']);
|
||||
exec (VESTA_CMD."v-delete-mail-account ".$v_username." ".$v_domain." ".$v_account, $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
header("Location: /list/mail/?domain=".$_GET['domain']);
|
||||
|
|
@ -45,7 +51,7 @@ if ((!empty($_GET['domain'])) && (!empty($_GET['account']))) {
|
|||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -8,17 +8,23 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
|||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
|
||||
if($_GET['delete'] == 1){
|
||||
$v_id = (string)((int)$_GET['notification_id']);
|
||||
v_exec('v-delete-user-notification', [$user, $v_id]);
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_id = escapeshellarg((int)$_GET['notification_id']);
|
||||
exec (VESTA_CMD."v-delete-user-notification ".$v_username." ".$v_id, $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
} else {
|
||||
$v_id = (string)((int)$_GET['notification_id']);
|
||||
//echo VESTA_CMD."v-acknowledge-user-notification ".$v_username." ".$v_id;
|
||||
v_exec('v-acknowledge-user-notification', [$user, $v_id]);
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_id = escapeshellarg((int)$_GET['notification_id']);
|
||||
echo VESTA_CMD."v-acknowledge-user-notification ".$v_username." ".$v_id;
|
||||
exec (VESTA_CMD."v-acknowledge-user-notification ".$v_username." ".$v_id, $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
}
|
||||
|
||||
exit;
|
||||
|
|
|
|||
|
|
@ -8,19 +8,21 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
|||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
if ($_SESSION['user'] == 'admin') {
|
||||
if (!empty($_GET['package'])) {
|
||||
$v_package = $_GET['package'];
|
||||
v_exec('v-delete-user-package', [$v_package]);
|
||||
$v_package = escapeshellarg($_GET['package']);
|
||||
exec (VESTA_CMD."v-delete-user-package ".$v_package, $output, $return_var);
|
||||
}
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
}
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -8,20 +8,22 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
|||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
if ($_SESSION['user'] == 'admin') {
|
||||
if (!empty($_GET['user'])) {
|
||||
$v_username = $_GET['user'];
|
||||
v_exec('v-delete-user', [$v_username]);
|
||||
$v_username = escapeshellarg($_GET['user']);
|
||||
exec (VESTA_CMD."v-delete-user ".$v_username, $output, $return_var);
|
||||
}
|
||||
check_return_code($return_var,$output);
|
||||
unset($_SESSION['look']);
|
||||
unset($output);
|
||||
}
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -8,22 +8,25 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
|
|||
// Check token
|
||||
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
|
||||
header('location: /login/');
|
||||
exit;
|
||||
exit();
|
||||
}
|
||||
|
||||
// Delete as someone else?
|
||||
if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
|
||||
$user = $_GET['user'];
|
||||
$user=$_GET['user'];
|
||||
}
|
||||
|
||||
if (!empty($_GET['domain'])) {
|
||||
$v_domain = $_GET['domain'];
|
||||
v_exec('v-delete-domain', [$user, $v_domain]);
|
||||
$v_username = escapeshellarg($user);
|
||||
$v_domain = escapeshellarg($_GET['domain']);
|
||||
exec (VESTA_CMD."v-delete-domain ".$v_username." ".$v_domain, $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
}
|
||||
|
||||
$back = $_SESSION['back'];
|
||||
if (!empty($back)) {
|
||||
header("Location: $back");
|
||||
header("Location: ".$back);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue