servnest/pg-act/ns
Miraty 7f7bcadb58 Fix important vulnerability in reg/ds.php + exescape
In page reg/ds.php, POST parameter 'key' was directly sent to shell, allowing for remote arbitrary commands execution.

This commit fixes this vulnerability, and uses a new function to automatically escape every shell command arguments as an additional generic protection.
2023-06-19 02:15:43 +02:00
..
caa.php Don't allow double quotes in ns/caa.php actually 2023-05-06 20:31:13 +02:00
cname.php Rate-limit most form processings 2023-05-02 18:02:08 +02:00
dname.php Rate-limit most form processings 2023-05-02 18:02:08 +02:00
edit.php Fix important vulnerability in reg/ds.php + exescape 2023-06-19 02:15:43 +02:00
ip.php Rate-limit most form processings 2023-05-02 18:02:08 +02:00
loc.php Rate-limit most form processings 2023-05-02 18:02:08 +02:00
mx.php Rate-limit most form processings 2023-05-02 18:02:08 +02:00
ns.php Rate-limit most form processings 2023-05-02 18:02:08 +02:00
print.php Rate-limit most form processings 2023-05-02 18:02:08 +02:00
srv.php Rate-limit most form processings 2023-05-02 18:02:08 +02:00
sshfp.php Rate-limit most form processings 2023-05-02 18:02:08 +02:00
tlsa.php Rate-limit most form processings 2023-05-02 18:02:08 +02:00
txt.php ht/dns-add: display recommended CAA record 2023-05-05 19:41:55 +02:00
zone-add.php Fix important vulnerability in reg/ds.php + exescape 2023-06-19 02:15:43 +02:00
zone-del.php init.php + jobs + job to delete old testing accounts 2023-06-08 17:36:44 +02:00