mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

security: Fix some reported security issues (#4807)

Browse Source
This commit is contained in:
Neil Lathwood
2016-10-15 20:45:18 +01:00
committed by GitHub
parent da0d04a5b6
commit a2f2ccfd2c
9 changed files with 34 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
html/netcmd.php
View File

@@ -34,8 +34,8 @@ if (!$_SESSION['authenticated']) {
$output = '';
if ($_GET['query'] && $_GET['cmd']) {
$host = $_GET['query'];
if (Net_IPv6::checkIPv6($host) || Net_IPv4::validateip($host) || filter_var('http://'.$host, FILTER_VALIDATE_URL)) {
$host = clean($_GET['query']);
if (filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) || filter_var('http://'.$host, FILTER_VALIDATE_URL)) {
switch ($_GET['cmd']) {
case 'whois':
$cmd = $config['whois']." $host | grep -v \%";