Skip to content

Commit

Permalink
Authenticated Remote Code Execution fix
Browse files Browse the repository at this point in the history
  • Loading branch information
Daniel Neto committed May 6, 2023
1 parent 89507b8 commit 1df4af0
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions plugin/CloneSite/cloneClient.json.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@
$json->sqlFile = escapeshellarg(preg_replace('/[^a-z0-9_.-]/i', '', $json->sqlFile));
$json->videoFiles = escapeshellarg(preg_replace('/[^a-z0-9_.-]/i', '', $json->videoFiles));
$json->photoFiles = escapeshellarg(preg_replace('/[^a-z0-9_.-]/i', '', $json->photoFiles));
$objClone->cloneSiteURL = escapeshellarg($objClone->cloneSiteURL);

// get dump file
$cmd = "wget -O {$clonesDir}{$json->sqlFile} {$objClone->cloneSiteURL}videos/cache/clones/{$json->sqlFile}";
Expand Down

0 comments on commit 1df4af0

Please sign in to comment.