servnest/fn
Miraty 7f7bcadb58 Fix important vulnerability in reg/ds.php + exescape
In page reg/ds.php, POST parameter 'key' was directly sent to shell, allowing for remote arbitrary commands execution.

This commit fixes this vulnerability, and uses a new function to automatically escape every shell command arguments as an additional generic protection.
2023-06-19 02:15:43 +02:00
..
auth.php Fix important vulnerability in reg/ds.php + exescape 2023-06-19 02:15:43 +02:00
common.php Fix important vulnerability in reg/ds.php + exescape 2023-06-19 02:15:43 +02:00
dns.php Fix important vulnerability in reg/ds.php + exescape 2023-06-19 02:15:43 +02:00
ht.php Fix important vulnerability in reg/ds.php + exescape 2023-06-19 02:15:43 +02:00
ns.php Fix important vulnerability in reg/ds.php + exescape 2023-06-19 02:15:43 +02:00
reg.php init.php + jobs + job to delete old testing accounts 2023-06-08 17:36:44 +02:00