mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
17,743 Commits 47 Branches 151 Tags
912247f2f0fa6d8846b5b82e11ac5abfd7da4b8d
Commit Graph

5 Commits

Author SHA1 Message Date
Jellyfrog
32f72bc1ab Fix SQL injections in ajax_table.php (#11920) 
* Fix SQL injections via searchPhrase parameter

* Fix SQL injections via address parameter

* Fix sort injection

Co-authored-by: Tony Murray <murraytony@gmail.com>
 2020-07-10 09:17:09 -05:00
SourceDoctor
f9b746577e Webui - Poller Log Link Overlib (#11819) 2020-06-13 16:18:38 +02:00
SourceDoctor
cc53801e22 Define Poller Duration precision to 2 (#11271) 2020-03-10 23:14:43 +01:00
Tony Murray
e99f421511 Remove legacy auth usage of $_SESSION (#10491) 
* Remove auth use of $_SESSION

Will break plugins that depend on $_SESSION, Weathermap was already fixed.
Port them to use Auth::check()/Auth::user()/Auth:id()

* revert accidental replacement
 2019-08-05 14:16:05 -05:00
Tony Murray
36431dd296 Security fix: unauthorized access (#10091) 
* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)

Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input

* git mv html/includes/ includes/html
git mv html/pages/ includes/html/
 2019-04-11 23:26:42 -05:00