Fix SQL injection issues in packages search (#15950)

https://github.com/librenms/librenms/security/advisories/GHSA-cwx6-cx7x-4q34
This commit is contained in:
Tony Murray 2024-04-16 19:32:35 -05:00 committed by GitHub
parent d7737b9889
commit d29201fce1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 4 deletions


@ -43,7 +43,7 @@ print_optionbar_start(28);
print_optionbar_end();
if (isset($_POST['results_amount']) && $_POST['results_amount'] > 0) {
$results = $_POST['results'];
$results = (int) $_POST['results_amount'];
} else {
$results = 50;
}
@ -70,7 +70,6 @@ if (isset($_POST['results_amount']) && $_POST['results_amount'] > 0) {
<?php
$count_query = 'SELECT COUNT(*) FROM ( ';
$full_query = '';
$query = 'SELECT packages.name FROM packages,devices ';
$param = [];
@ -80,7 +79,8 @@ if (! Auth::user()->hasGlobalRead()) {
$param = array_merge($param, $device_ids);
}
$query .= " WHERE packages.device_id = devices.device_id AND packages.name LIKE '%" . $_POST['package'] . "%' $sql_where GROUP BY packages.name";
$query .= " WHERE packages.device_id = devices.device_id AND packages.name LIKE ? $sql_where GROUP BY packages.name";
$param[] = '%' . $_POST['package'] . '%';
$where = '';
$ver = '';
@ -107,7 +107,7 @@ if (! isset($_POST['page_number']) && $_POST['page_number'] < 1) {
}
$start = ($page_number - 1) * $results;
$full_query = $full_query . $query . " LIMIT $start,$results";
$full_query = $query . " LIMIT $start,$results";
?>
<tr>
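Review bot: In the first hunk the guard still compares the raw request string before the cast — `$_POST['results_amount'] > 0` is evaluated on the untrusted value and only then is `$results = (int) $_POST['results_amount'];` taken, so a non-numeric string that compares greater than 0 under PHP 8 string-comparison rules (for example a value starting with a letter) passes the check and casts to `0`, yielding `LIMIT $start,0` instead of the default of 50. Casting first and validating the int removes that gap: `$results = (int) ($_POST['results_amount'] ?? 0);` followed by `if ($results < 1) { $results = 50; }`. In the last hunk `LIMIT $start,$results` is now safe on the `$results` side, but `$start = ($page_number - 1) * $results;` depends on `$page_number`, whose assignment is outside the hunk; if it is taken from `$_POST['page_number']` without an int cast and a `>= 1` floor, a negative or zero page produces a negative `$start` and a SQL error, so a `max(1, (int) ...)` at that assignment would be worth confirming. The enclosing script continues above and below every hunk shown here.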