Skip to content

Commit

Permalink
SECURITY: Fix Directory Traversal Vulerability.
Browse files Browse the repository at this point in the history
  • Loading branch information
mrubinsk committed Mar 8, 2020
1 parent 9216d86 commit 8844968
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion lib/Block/Bookmarks.php
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ protected function _title()
*/
protected function _content()
{
$template = TREAN_TEMPLATES . '/block/' . $this->_params['template'] . '.inc';
$template = TREAN_TEMPLATES . '/block/' . basename($this->_params['template']) . '.inc';

$sortby = 'title';
$sortdir = 0;
Expand Down
2 changes: 1 addition & 1 deletion lib/Block/Mostclicked.php
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ protected function _title()
*/
protected function _content()
{
$template = TREAN_TEMPLATES . '/block/' . $this->_params['template'] . '.inc';
$template = TREAN_TEMPLATES . '/block/' . basename($this->_params['template']) . '.inc';

$html = '';
$bookmarks = $GLOBALS['trean_gateway']->listBookmarks('clicks', 1, 0, $this->_params['rows']);
Expand Down

0 comments on commit 8844968

Please sign in to comment.