fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

I solved some issues with Directory traversal

Browse Source
This commit is contained in:
Paula V. Quispe
2015-03-26 15:47:31 -04:00
parent f4664ce34c
commit 1bb9f57152
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
workflow/engine/methods/users/users_ViewPhoto.php
View File

@@ -91,6 +91,9 @@ function DumpHeaders ($filename)
}
//$filename = PATH_UPLOAD . "$filename";
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$filename = $filter->xssFilterHard($filename, 'path');
readfile( $filename );
}