mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Security fix: unauthorized access (#10091)

Browse Source 
* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)

Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input

* git mv html/includes/ includes/html
git mv html/pages/ includes/html/
This commit is contained in:
Tony Murray
2019-04-11 23:26:42 -05:00
committed by GitHub
parent b81af32ed2
commit 36431dd296
1301 changed files with 1443 additions and 1439 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
includes/html/forms/alert-notes.inc.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
/**
* alert-notes.inc.php
*
* LibreNMS alert-notes.inc.php
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package LibreNMS
* @link http://librenms.org
* @copyright 2018 Neil Lathwood
* @author Neil Lathwood <gh+n@laf.io>
*/
header('Content-type: application/json');
$alert_id = $vars['alert_id'];
$sub_type = $vars['sub_type'];
$note = $vars['note'] ?: '';
$status = 'error';
if (is_numeric($alert_id)) {
if ($sub_type === 'get_note') {
$note = dbFetchCell("SELECT `note` FROM `alerts` WHERE `id` = ?", [$alert_id]);
$message = 'Alert note retrieved';
$status = 'ok';
} else {
if (dbUpdate(['note' => $note], 'alerts', '`id` = ?', [$alert_id])) {
$status = 'ok';
$message = 'Note updated';
} else {
$message = 'Could not update note';
}
}
} else {
$message = 'Invalid alert id';
}
die(json_encode([
'status' => $status,
'message' => $message,
'note' => $note,
]));