Hello,
I would like to report a possible vulnerability.
In file https://github.com/MiczFlor/RPi-Jukebox-RFID/blob/develop/htdocs/trackEdit.php
In file https://github.com/MiczFlor/RPi-Jukebox-RFID/blob/develop/htdocs/utils/Files.php
So the attacker can control the command injection through the filename.
The attacker can add ';' and add another command like (echo <script>alert(document.cookie)<\script>).
The output of the command will be printed through this path.
In file https://github.com/MiczFlor/RPi-Jukebox-RFID/blob/develop/htdocs/trackEdit.php
Finally, I recommend using the escapeshellarg function with the $_GET['folder'], $_POST['folder'], $_GET['filename'] and $_POST['filename'].
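
The recommendation in the report above, as an added example that is not part of the original issue and is not RPi-Jukebox-RFID code: a command built by concatenation beside one built with `escapeshellarg()`, plus HTML-encoding of the command output, since the report notes the output is printed to the page. The helper names, the `ls -l` command and the sample values are hypothetical.

```php
<?php
// Added example, not project code. Helper names and the `ls -l` command are
// hypothetical stand-ins for whatever shell call the affected page makes.

// Before: request values are concatenated straight into the command line,
// so shell metacharacters in $filename are interpreted by the shell.
function buildCommandUnsafe(string $folder, string $filename): string
{
    return 'ls -l ' . $folder . '/' . $filename;
}

// Reject absolute paths, NUL bytes and ".." segments before use.
function assertRelativePath(string $p): void
{
    if ($p === '' || $p[0] === '/' || strpos($p, "\0") !== false
        || in_array('..', explode('/', $p), true)) {
        throw new InvalidArgumentException('invalid path component');
    }
}

// After: validate, then pass the path as exactly one quoted argument.
function buildCommandSafe(string $folder, string $filename): string
{
    assertRelativePath($folder);
    assertRelativePath($filename);
    if ($filename !== basename($filename)) {
        throw new InvalidArgumentException('filename must not contain "/"');
    }
    // "--" ends option parsing, so a name starting with "-" is not a flag.
    return 'ls -l -- ' . escapeshellarg($folder . '/' . $filename);
}

// Command output is untrusted data: encode it before writing it into HTML.
function renderOutput(string $output): string
{
    return '<pre>' . htmlspecialchars($output, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</pre>';
}

// Constructed sample input standing in for $_GET['folder'] / $_GET['filename'].
$folder   = 'audiobooks';
$filename = 'track01.mp3; echo injected';

echo 'unsafe: ', buildCommandUnsafe($folder, $filename), PHP_EOL;
echo 'safe:   ', buildCommandSafe($folder, $filename), PHP_EOL;
echo renderOutput('<b>text from a command</b>'), PHP_EOL;
```

Only the command strings are printed, nothing is executed. On a POSIX shell the safe variant wraps the whole path in single quotes, so the `;` stays part of the file name.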