Skip to content

Commit

Permalink
N°6989 - Security hardening
Browse files Browse the repository at this point in the history
  • Loading branch information
@Molkobain
Molkobain committed Nov 22, 2023
1 parent fc22d91 commit 3b2da39
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions pages/exec.php
View file
Expand Up @@ -48,8 +48,9 @@

$sTargetPage = APPROOT.'env-'.$sEnvironment.'/'.$sModule.'/'.$sPage;

if (!file_exists($sTargetPage))
{
if (!file_exists($sTargetPage)
|| (strtolower(pathinfo($sTargetPage, PATHINFO_EXTENSION)) !== "php")
) {
// Do not recall the parameters (security takes precedence)
echo "Wrong module, page name or environment...";
exit;
Expand Down

0 comments on commit 3b2da39

Please sign in to comment.