Merge pull request #1 from touhidshaikh/touhidshaikh-patch-1

Update sendfromfile.php
playsms · May 17, 2017 · 8ea473b · 8ea473b
2 parents 6430336 + a659bb4
commit 8ea473b
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/web/plugin/feature/sendfromfile/sendfromfile.php b/web/plugin/feature/sendfromfile/sendfromfile.php
@@ -51,6 +51,8 @@
 		break;
 	case 'upload_confirm':
 		$filename = $_FILES['fncsv']['name'];
+		//RCE Bug FIX.
+		$filename = htmlspecialchars($filename);		
 		$fn = $_FILES['fncsv']['tmp_name'];
 		$fs = (int) $_FILES['fncsv']['size'];
 		$nodups = ($_REQUEST['fncsv_dup'] ? TRUE : FALSE);