Fix SQL injection in rediscover-device (#12716)

Closes #12697
Jellyfrog
2021-04-07 04:57:50 +02:00
committed by GitHub
parent a70d55bfd8
commit dedc46b548


@@ -39,7 +39,7 @@ if (isset($_POST['device_id'])) {
$status = 'error';
$message = 'Invalid device group id ' . $_POST['device_group_id'];
} else {
$device_ids = dbFetchColumn('SELECT `device_id` FROM `device_group_device` WHERE `device_group_id`=' . $_POST['device_group_id']);
$device_ids = dbFetchColumn('SELECT `device_id` FROM `device_group_device` WHERE `device_group_id` = ?', [$_POST['device_group_id']]);
$update = 0;
foreach ($device_ids as $device_id) {
$result = device_discovery_trigger($device_id);
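Review bot: The error branch directly above the fixed query still concatenates the raw `$_POST['device_group_id']` into `$message`, so a rejected value is handed back to the client unchanged. If that message is ever rendered as HTML rather than plain text, it is a reflected-XSS sink. Either drop the value (`$message = 'Invalid device group id';`) or encode it where it is output with `htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The bound `?` parameter on `dbFetchColumn()` is the right fix for the query itself. The surrounding `if`/`else` and the `foreach` body begin and end outside this hunk, so the validation condition and the way `$message` is emitted cannot be checked from here and should be confirmed.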