fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PMCORE-2324 SQL Injection via 'Category' parameter in proxyNewCasesList endpoint

Browse Source
This commit is contained in:
Roly Rudy Gutierrez Pinto
2020-10-15 19:48:15 -04:00
parent 6942e304da
commit 8a306f38d4
23 changed files with 589 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
workflow/engine/classes/model/ListCanceled.php
View File

@@ -254,7 +254,7 @@ class ListCanceled extends BaseListCanceled implements ListInterface
$criteria->addSelectColumn(ProcessPeer::PRO_CATEGORY);
$aConditions = array();
$aConditions[] = array(ListCanceledPeer::PRO_UID, ProcessPeer::PRO_UID);
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . $category . "'");
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . G::realEscapeString($category) . "'");
$criteria->addJoinMC($aConditions, Criteria::INNER_JOIN);
}

2
workflow/engine/classes/model/ListCompleted.php
View File

@@ -233,7 +233,7 @@ class ListCompleted extends BaseListCompleted implements ListInterface
$criteria->addSelectColumn(ProcessPeer::PRO_CATEGORY);
$aConditions = array();
$aConditions[] = array(ListCompletedPeer::PRO_UID, ProcessPeer::PRO_UID);
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . $category . "'");
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . G::realEscapeString($category) . "'");
$criteria->addJoinMC($aConditions, Criteria::INNER_JOIN);
}

2
workflow/engine/classes/model/ListInbox.php
View File

@@ -513,7 +513,7 @@ class ListInbox extends BaseListInbox implements ListInterface
$criteria->addSelectColumn(ProcessPeer::PRO_CATEGORY);
$aConditions = array();
$aConditions[] = array(ListInboxPeer::PRO_UID, ProcessPeer::PRO_UID);
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . $category . "'");
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . G::realEscapeString($category) . "'");
$criteria->addJoinMC($aConditions, Criteria::INNER_JOIN);
}
//Those filters: $newestthan, $oldestthan is used from mobile GET /light/todo

2
workflow/engine/classes/model/ListMyInbox.php
View File

@@ -210,7 +210,7 @@ class ListMyInbox extends BaseListMyInbox implements ListInterface
$criteria->addSelectColumn(ProcessPeer::PRO_CATEGORY);
$aConditions = array();
$aConditions[] = array(ListMyInboxPeer::PRO_UID, ProcessPeer::PRO_UID);
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . $category . "'");
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . G::realEscapeString($category) . "'");
$criteria->addJoinMC($aConditions, Criteria::INNER_JOIN);
}

2
workflow/engine/classes/model/ListParticipatedHistory.php
View File

@@ -165,7 +165,7 @@ class ListParticipatedHistory extends BaseListParticipatedHistory implements Lis
$criteria->addSelectColumn(ProcessPeer::PRO_CATEGORY);
$aConditions = array();
$aConditions[] = array(ListParticipatedHistoryPeer::PRO_UID, ProcessPeer::PRO_UID);
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . $category . "'");
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . G::realEscapeString($category) . "'");
$criteria->addJoinMC($aConditions, Criteria::INNER_JOIN);
}

2
workflow/engine/classes/model/ListParticipatedLast.php
View File

@@ -351,7 +351,7 @@ class ListParticipatedLast extends BaseListParticipatedLast implements ListInter
$criteria->addSelectColumn(ProcessPeer::PRO_CATEGORY);
$aConditions = array();
$aConditions[] = array(ListParticipatedLastPeer::PRO_UID, ProcessPeer::PRO_UID);
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'".$category."'");
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . G::realEscapeString($category) . "'");
$criteria->addJoinMC($aConditions, Criteria::INNER_JOIN);
}

2
workflow/engine/classes/model/ListPaused.php
View File

@@ -270,7 +270,7 @@ class ListPaused extends BaseListPaused implements ListInterface
$criteria->addSelectColumn(ProcessPeer::PRO_CATEGORY);
$aConditions = array();
$aConditions[] = array(ListPausedPeer::PRO_UID, ProcessPeer::PRO_UID);
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . $category . "'");
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . G::realEscapeString($category) . "'");
$criteria->addJoinMC($aConditions, Criteria::INNER_JOIN);
}
}

2
workflow/engine/classes/model/ListUnassigned.php
View File

@@ -209,7 +209,7 @@ class ListUnassigned extends BaseListUnassigned implements ListInterface
$criteria->addSelectColumn(ProcessPeer::PRO_CATEGORY);
$aConditions = array();
$aConditions[] = array(ListUnassignedPeer::PRO_UID, ProcessPeer::PRO_UID);
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . $category . "'");
$aConditions[] = array(ProcessPeer::PRO_CATEGORY, "'" . G::realEscapeString($category) . "'");
$criteria->addJoinMC($aConditions, Criteria::INNER_JOIN);
}