fixed CSV file import vulnerability - version 3.43
git-svn-id: https://plugins.svn.wordpress.org/ip-blacklist-cloud/trunk@1107588 b8457f37-d9ea-0310-8a92-e5e31aec5664
ad33lx committed Mar 7, 2015
1 parent 197e7c5 commit 6e6fe8c
Showing 2 changed files with 37 additions and 13 deletions.
45 changes: 33 additions & 12 deletions ip_blacklist_cloud.php
Expand Up @@ -3,7 +3,7 @@
Plugin Name: IP Blacklist Cloud
Plugin URI: http://wordpress.org/extend/plugins/ip-blacklist-cloud/
Description: Blacklist IP Addresses from visiting your WordPress website and block usernames from spamming. View details of all failed login attempts.
Version: 3.42
Version: 3.43
Author: Adeel Ahmed
Author URI: http://www.ip-finder.me/
*/
Expand Down Expand Up @@ -1881,26 +1881,47 @@ function valid_js_identifier( $callback ){
//-----Import Database-----
if($_REQUEST['action']=="importCSVIPCloud")
{
if(current_user_can( 'manage_options' ) && $_REQUEST['filename'])
if(current_user_can( 'manage_options' ) && isset($_REQUEST['filename']))
{
$js_url =get_bloginfo('template_directory');
$upload_d = wp_upload_dir();
$upload_url=$upload_d['baseurl'];
$upload_dir=$upload_d['basedir'];
$filename= $upload_dir."/ipblc_csv/".$_REQUEST['filename'];
$file_req=$_REQUEST['filename'];

//---remove ../ or ./ from direct access---

$file_req=str_replace("../","",$file_req);
$file_req=str_replace("./","",$file_req);

$filename= $upload_dir."/ipblc_csv/".$file_req;


//echo "file: $filename<BR>";

$exp=explode(".",$filename);
$ext=strtolower($exp[count($exp)-1]);
$row = 1;
if (($handle = fopen("$filename", "r")) !== FALSE)
{
$AllData=array();
while (($data = fgetcsv($handle, 5242880, ",")) !== FALSE)
$file_type=filetype($filename);

if($ext=="csv" && $file_type=="file")
{
if (($handle = fopen("$filename", "r")) !== FALSE)
{
$AllData=array();
while (($data = fgetcsv($handle, 5242880, ",")) !== FALSE)
{
$field=$data[0];
$value=$data[1];
$AllData[]=array("$field"=>$value);
}
fclose($handle);
echo json_encode($AllData);
}
else
{
$field=$data[0];
$value=$data[1];
$AllData[]=array("$field"=>$value);
echo "-1";
}
fclose($handle);
echo json_encode($AllData);
}
else
{
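Review bot: The two added `str_replace("../","",$file_req)` / `str_replace("./","",$file_req)` calls are a single non-recursive pass and do not by themselves confine `$filename` to `$upload_dir."/ipblc_csv/"`; a regular file ending in `.csv` anywhere readable by the web server would still pass the `$ext=="csv" && $file_type=="file"` gate that follows. Reduce the request value to a bare file name with `$file_req = basename($_REQUEST['filename']);` and then verify the resolved path before opening it, e.g. `$csv_dir = realpath($upload_dir."/ipblc_csv"); $real = realpath($filename);` with the gate extended to `if($ext=="csv" && $file_type=="file" && $real !== false && strpos($real, $csv_dir.DIRECTORY_SEPARATOR) === 0)`. `$_REQUEST['action']` at the top of the hunk is still read without `isset()`, unlike the `isset($_REQUEST['filename'])` guard the commit adds on the next condition. The enclosing function begins and ends outside the hunk, and since the rendered page drops the +/- markers, which of the duplicated fopen/fgetcsv lines are old versus new is inferred from the addition/deletion counts.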
5 changes: 4 additions & 1 deletion readme.txt
Expand Up @@ -4,7 +4,7 @@ Donate link:
Tags: comments, spam, IP, blacklist, cloud, IP cloud, block, spamming, secure, failed login, hack attempt, auto block login
Requires at least: 3.3
Tested up to: 4.1.1
Stable tag: 3.42
Stable tag: 3.43
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html

Expand Down Expand Up @@ -91,6 +91,9 @@ http://demo.ip-finder.me/demo-details/

== Changelog ==

= 3.43 =
* Quick Fix - Fixed CSV import vulnerability found by g0blin

= 3.42 =
* Quick Fix - Fixed mysql_real_escape_string() warning

