From a44d43cda421e3139f1bdc35d40393297e5a3eb5 Mon Sep 17 00:00:00 2001
From: Cristian Fasanando
Date: Sun, 31 May 2009 01:26:47 +0200
Subject: [PATCH] [svn r21121] Fixed vulnerable get parameter: search_folder - partial FS#4261

---
 .../plugins/ajaxfilemanager/ajax_get_file_listing.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/ajax_get_file_listing.php b/main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/ajax_get_file_listing.php
index 56bdc3b0b9..68e4844bd5 100644
--- a/main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/ajax_get_file_listing.php
+++ b/main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/ajax_get_file_listing.php
@@ -7,7 +7,7 @@
  * @since 22/May/2007
  *
  * Modify for Dokeos
- * @author Juan Carlos Raña
+ * @author Juan Carlos Ra�a
  * @since 31/December/2008
  */
 
@@ -22,11 +22,14 @@
 include_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . "inc" . DIRECTORY_SEPARATOR . "config.php");
 include_once(CLASS_PAGINATION);
 $pagination = new pagination(false);
+
+ $search_folder = str_replace("'","",$_GET['search_folder']);
+
 if(!empty($_GET['search']))
 {
 include_once(CLASS_SEARCH);
- $search = new Search($_GET['search_folder']);
+ $search = new Search($search_folder);
 $search->addSearchKeyword('recursive', @$_GET['search_recursively']);
 $search->addSearchKeyword('mtime_from', @$_GET['search_mtime_from']);
 $search->addSearchKeyword('mtime_to', @$_GET['search_mtime_to']);
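Review bot: The `+` line of the docblock hunk replaces the `ñ` in `Raña` with the U+FFFD replacement character, so this hunk corrupts the author's name rather than changing anything intentional; it looks like the file was re-saved with a mismatched encoding. Nothing else in the hunk differs, so keep the line as ` * @author Juan Carlos Raña` and make sure the file is written back as UTF-8.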
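Review bot: The new `$search_folder = str_replace("'","",$_GET['search_folder']);` line only deletes single quotes, which does not constrain where the listing is taken from: `../` segments, absolute paths and any other character still reach `new Search($search_folder)` unchanged, so the directory searched remains chosen by the request. Removing a quote character is a string-context mitigation; for a filesystem path the property to enforce is containment, i.e. canonicalise the value with `realpath()` and verify the result lies under the file manager's configured base directory before using it, falling back to that base directory (or refusing the request) otherwise. The expression also reads `$_GET['search_folder']` without an `isset` guard, so a request that omits the parameter raises a notice and hands `null` through. The enclosing `if(!empty($_GET['search']))` block continues past the end of the hunk, and the subject's "partial" wording suggests the author expects a follow-up; a rewrite along the lines below would close this parameter.

```php
$pagination = new pagination(false);

// Constrain the requested folder to the file manager root instead of filtering characters.
// BASE_DIR_PLACEHOLDER: the root-directory constant defined in inc/config.php.
$base_dir = realpath(BASE_DIR_PLACEHOLDER);
$search_folder = isset($_GET['search_folder']) ? realpath((string) $_GET['search_folder']) : false;
if ($search_folder === false || $base_dir === false
    || strpos($search_folder . DIRECTORY_SEPARATOR, $base_dir . DIRECTORY_SEPARATOR) !== 0) {
    $search_folder = $base_dir; // safe default: never search outside the root
}

// … unchanged: if(!empty($_GET['search'])) block …
```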