Fix sql injection (#11923)

in custom oid code

Thanks to loginsoft p.v.t l.t.d india for the report!
Website: https://www.loginsoft.com/
Tony Murray
2020-07-10 03:45:39 -05:00
committed by GitHub
parent 8af976a951
commit 6e6fde94c3


@@ -72,8 +72,8 @@ if (!empty(mres($_POST['user_func']))) {
}
if ($action == "test") {
$query = "SELECT * FROM `devices` WHERE `device_id` = $device_id LIMIT 1";
$device = dbFetchRow($query);
$query = "SELECT * FROM `devices` WHERE `device_id` = ? LIMIT 1";
$device = dbFetchRow($query, [$device_id]);
$rawdata = snmp_get($device, $oid, '-Oqv');