This repository has been archived on 2025-06-14. You can view files and clone it. You cannot open issues or pull requests or push a commit.

Thomas Hochstein e792a8d913 Fix RCE vulnerability on Windows. ...

Steps to reproduce:

1) Upload a PHP script to the Media Libray,
   naming it "test" (or any other name
   without extension).
2) Rename it to "exploit.php." (trailing dot!)

On Linux, the file will be renamed to
"exploit.php..", which is safe and
cannot be exploited.

On Windows though, the file will be
renemad to "exploit.php" and is then
remotely executable by calling it
from "/uploads/exploit.php".

Thanks to Junyu Zhang <rgdz.eye@gmail.com>
for spotting this!

Signed-off-by: Thomas Hochstein <thh@inter.net>

2020-03-25 15:04:31 +01:00

..

admin

Really set source of plugins.

2020-03-25 15:03:31 +01:00

db

minor: explain serendipity_utf8mb4_ready in doccomment

2020-03-22 23:20:08 +01:00

tpl

Make stablearchive default

2019-04-27 18:13:16 +02:00

compat.inc.php

Merge pull request #650 from stephanbrunker/master

2019-10-17 13:46:06 +02:00

functions_calendars.inc.php

spelling fixes

2017-04-06 22:26:07 +02:00

functions_comments.inc.php

Fix internal cache, init proper functions API

2019-02-16 13:07:53 +01:00

functions_config.inc.php

fixing multilingual issues: display languages in native names and fix initialition point of plugins

2019-11-02 14:20:18 +01:00

functions_entries_admin.inc.php

Avoid warning about non-countable var, fix #587.

2019-01-11 16:28:08 +01:00

functions_entries.inc.php

Set empty limit to "" in serendipity_fetchEntries.

2020-03-21 17:59:13 +01:00

functions_images.inc.php

Fix RCE vulnerability on Windows.

2020-03-25 15:04:31 +01:00

functions_installer.inc.php

[BUGFIX] Fixes broken installer due to missing serendipity_db_probe() call.

2018-10-31 09:39:31 +01:00

functions_permalinks.inc.php

added event_hook multilingual_strip_langs to permalinks

2019-11-02 14:20:18 +01:00

functions_plugins_admin.inc.php

Add author to details of installed plugins.

2020-03-24 16:12:31 +01:00

functions_routing.inc.php

functions_routing.php: set action to empty when serving JS

2019-12-15 13:16:28 +01:00

functions_rss.inc.php

minor whitespace and code cleanup

2015-09-30 11:22:37 +02:00

functions_smarty.inc.php

[TASK] Adds ability to make plugins change the multi-media insertion gallery HTML

2019-12-03 15:50:51 +01:00

functions_trackbacks.inc.php

Add rel=trackback header and discovery (#438)

2017-04-15 02:19:45 +02:00

functions_upgrader.inc.php

Remove utf8mb4_ready requirement from native -> utf8 upgrade

2020-03-23 17:25:04 +01:00

functions.inc.php

added event_hook multilingual_strip_langs to permalinks

2019-11-02 14:20:18 +01:00

genpage.inc.php

Make the $view variable more reliable

2018-07-31 20:35:52 +02:00

lang.inc.php

spelling fixes

2017-04-06 22:26:07 +02:00

plugin_api_extension.inc.php

cleanup

2015-08-07 15:46:36 +02:00

plugin_api.inc.php

Add plugin source to list of plugins.

2020-03-24 15:57:48 +01:00

serendipity_smarty_class.inc.php

Remove check of undefined constant (#556)

2019-02-16 13:36:15 +01:00

template_api.inc.php

cleanup cosmetics

2014-12-10 14:34:54 +01:00