Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Static pages Php injection vulnerability #558

Closed
haruka-7 opened this issue Apr 27, 2022 · 1 comment
Closed

Static pages Php injection vulnerability #558

haruka-7 opened this issue Apr 27, 2022 · 1 comment
Assignees
@haruka-7
Labels
bug
Milestone
PluXml 5.8.8

Comments

@haruka-7
Copy link
Collaborator

The vulnerability allow attackers to execute arbitrary code via crafted PHP code inserted into static pages.

CVE Details : https://nvd.nist.gov/vuln/detail/CVE-2022-25018
@haruka-7 haruka-7 added the bug label Apr 27, 2022
@haruka-7 haruka-7 added this to the PluXml 5.8.8 milestone Apr 27, 2022
@haruka-7 haruka-7 self-assigned this Apr 27, 2022
haruka-7 added a commit that referenced this issue Apr 27, 2022
@haruka-7
FIX Static pages PHP injection vulnerability #558
15170a2
@haruka-7
Copy link
Collaborator Author

Fixed on master (PluXml 5.8.8.)

haruka-7 added a commit that referenced this issue Aug 1, 2022
@haruka-7
Revert "FIX Static pages PHP injection vulnerability #558"
374a401 
This reverts commit 15170a2.
kazimentou pushed a commit to kazimentou/PluXml that referenced this issue Aug 1, 2022
@bazooka07
Nouvelle fonction plxUtils::sanitizePhp ( voir issue pluxml#558
e48a44f
@kazimentou kazimentou mentioned this issue Aug 1, 2022
Closed
@pp-r pp-r mentioned this issue Sep 5, 2022
Merged
2 tasks
kazimentou pushed a commit to kazimentou/PluXml that referenced this issue Nov 28, 2022
@bazooka07
Nouvelle fonction plxUtils::sanitizePhp ( voir issue pluxml#558
20fd2c1
kazimentou pushed a commit to kazimentou/PluXml that referenced this issue Dec 4, 2022
@bazooka07
Nouvelle fonction plxUtils::sanitizePhp ( voir issue pluxml#558
4eb825f
kazimentou pushed a commit to kazimentou/PluXml that referenced this issue Dec 10, 2022
@bazooka07
Nouvelle fonction plxUtils::sanitizePhp ( voir issue pluxml#558 )
bd5d72e 
Meilleur contrôle des données d'une page statique (template,
date_update, ..)
bazooka07 added a commit that referenced this issue Dec 10, 2022
@kazimentou @bazooka07
Nouvelle fonction plxUtils::sanitizePhp ( voir issue #558 ) (#589)
1c9614a 
Meilleur contrôle des données d'une page statique (template,
date_update, ..)

Co-authored-by: Jean-Pierre Pourrez <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@haruka-7 haruka-7

Labels
bug
Projects
None yet
Milestone
PluXml 5.8.8
Development

No branches or pull requests
1 participant
@haruka-7