Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* [admincmd.sma] Fix typo in isCommandArgSafe ' * [admincmd.sma] Update amx_cvar command handler - Fix exploiting of "mapchangecfgfile" cvar to execute potentially dangerous console commands - Add newline delimiter check and restrict for ****cfgfile cvars values * Restrict having ".." character sequence in amx_map command argument Fixes exploit on Windows servers that allows executing potentially dangerous console commands * Do not allow admins to change cvars with FCVAR_SPONLY flag when not in singleplayer via amx_cvar 1. Make amx_cvar command obey FCVAR_SPONLY flag. 2. Fix exploiting of amx_nextmap cvar value which is used in nextmap plugin.
- Loading branch information