------------------------------------------------------------------------
r7452 | cigamit | 2014-06-15 17:34:39 -0600 (Sun, 15 Jun 2014) | 1 line
-bug#0002453: CVE-2014-4002 Cross-Site Scripting Vulnerability
------------------------------------------------------------------------
Index: branches/0.8.8/host_templates.php
===================================================================
--- branches/0.8.8/host_templates.php (revision 7451)
+++ branches/0.8.8/host_templates.php (revision 7452)
@@ -117,6 +117,10 @@ function form_actions() {
 global $colors, $host_actions;
+ /* ================= input validation ================= */
+ input_validate_input_number(get_request_var_post('drp_action'));
+ /* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));
Index: branches/0.8.8/cdef.php
===================================================================
--- branches/0.8.8/cdef.php (revision 7451)
+++ branches/0.8.8/cdef.php (revision 7452)
@@ -158,6 +158,10 @@ function form_actions() {
 global $colors, $cdef_actions;
+ /* ================= input validation ================= */
+ input_validate_input_number(get_request_var_post('drp_action'));
+ /* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));
Index: branches/0.8.8/data_queries.php
===================================================================
--- branches/0.8.8/data_queries.php (revision 7451)
+++ branches/0.8.8/data_queries.php (revision 7452)
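Review bot: Two lines below the new check, the context line `$selected_items = unserialize(stripslashes($_POST["selected_items"]));` still deserializes raw POST input, and making drp_action numeric does nothing to narrow that sink. Whether a crafted serialized object can reach a class with `__wakeup`/`__destruct` side effects depends on what is loaded at this point, which is not visible here, so treat this as a hedged concern rather than a confirmed exploit. If the value is meant to be a list of ids, refuse anything that is not an array and pass each element through the helper the commit already uses — `if (!is_array($selected_items)) { exit; }` then `foreach ($selected_items as $id) { input_validate_input_number($id); }` — or drop serialization in favour of a comma-separated list split with explode(). form_actions() continues below the hunk, where the elements may already be checked; the unserialize() call itself remains the exposure.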
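Review bot: In cdef.php the added `input_validate_input_number(get_request_var_post('drp_action'));` runs unconditionally, before the `isset($_POST["selected_items"])` test, so the behaviour for a request that carries no drp_action rests entirely on the default get_request_var_post() returns and on whether the validator tolerates an empty string; neither is visible in this hunk, so confirm that the initial confirmation page still renders. The generic banner also says nothing about why the field must be numeric; a why-comment such as `/* drp_action is reflected into the confirmation page, so reject non-numeric values (CVE-2014-4002) */` would age better than the bars, assuming the reflected value is the XSS the log message refers to. The `unserialize(stripslashes($_POST["selected_items"]))` context line is an untrusted-deserialization sink this change leaves as is; at minimum guard its result with `if (!is_array($selected_items)) { exit; }` and validate each id with the same helper. form_actions() continues past the hunk.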
@@ -195,6 +195,10 @@ function form_actions() {
 global $colors, $dq_actions;
+ /* ================= input validation ================= */
+ input_validate_input_number(get_request_var_post('drp_action'));
+ /* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));
Index: branches/0.8.8/data_sources.php
===================================================================
--- branches/0.8.8/data_sources.php (revision 7451)
+++ branches/0.8.8/data_sources.php (revision 7452)
@@ -307,6 +307,10 @@ function form_actions() {
 global $colors, $ds_actions;
+ /* ================= input validation ================= */
+ input_validate_input_number(get_request_var_post('drp_action'));
+ /* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));
Index: branches/0.8.8/host.php
===================================================================
--- branches/0.8.8/host.php (revision 7451)
+++ branches/0.8.8/host.php (revision 7452)
@@ -175,6 +175,10 @@ function form_actions() {
 global $colors, $device_actions, $fields_host_edit;
+ /* ================= input validation ================= */
+ input_validate_input_number(get_request_var_post('drp_action'));
+ /* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));
Index: branches/0.8.8/data_input.php
===================================================================
--- branches/0.8.8/data_input.php (revision 7451)
+++ branches/0.8.8/data_input.php (revision 7452)
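Review bot: In data_queries.php the new validation covers only drp_action, while the context line `$selected_items = unserialize(stripslashes($_POST["selected_items"]));` a few lines lower keeps deserializing attacker-controlled bytes with no type check on the result. stripslashes() is also applied unconditionally, which is only correct while magic_quotes_gpc is on; with it off, a legitimate serialized string containing backslashes would be mangled — presumably harmless for numeric ids, but worth confirming. Consider `if (!is_array($selected_items)) { exit; }` right after the assignment, followed by per-element `input_validate_input_number()` exactly as done for drp_action. The function continues beyond the hunk.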
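Review bot: In data_sources.php the three-line banner around `input_validate_input_number(get_request_var_post('drp_action'));` explains nothing about why this field has to be numeric; one why-comment would serve the next reader better, e.g. `/* drp_action is reflected into the confirmation form; non-numeric values enabled XSS (CVE-2014-4002) */` — assuming the reflected-value XSS named in the log message is the one closed here. Separately, `unserialize(stripslashes($_POST["selected_items"]))` in the context below still accepts arbitrary serialized input; since everything else this function handles looks like numeric ids, `if (!is_array($selected_items)) { exit; }` plus per-id validation with the same helper closes that path without changing the form. form_actions() continues below the hunk.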
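Review bot: host.php's form_actions() pulls in `$fields_host_edit` alongside `$device_actions`, which suggests this variant does more with the posted data than its siblings, yet the only new check is on drp_action; `unserialize(stripslashes($_POST["selected_items"]))` on the context line below remains an unvalidated deserialization of POST input. Add `if (!is_array($selected_items)) { exit; }` after it and run each element through `input_validate_input_number()`, or switch the transport to a comma-separated id list parsed with explode() so unserialize() is not needed at all. The remainder of the function, including whatever consumes `$fields_host_edit`, lies outside this hunk.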
@@ -153,6 +153,10 @@ function form_actions() {
 global $colors, $di_actions;
+ /* ================= input validation ================= */
+ input_validate_input_number(get_request_var_post('drp_action'));
+ /* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));
Index: branches/0.8.8/graph_templates.php
===================================================================
--- branches/0.8.8/graph_templates.php (revision 7451)
+++ branches/0.8.8/graph_templates.php (revision 7452)
@@ -164,6 +164,10 @@ function form_actions() {
 global $colors, $graph_actions;
+ /* ================= input validation ================= */
+ input_validate_input_number(get_request_var_post('drp_action'));
+ /* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));
Index: branches/0.8.8/graphs.php
===================================================================
--- branches/0.8.8/graphs.php (revision 7451)
+++ branches/0.8.8/graphs.php (revision 7452)
@@ -267,6 +267,11 @@ function form_actions() {
 global $colors, $graph_actions;
+
+ /* ================= input validation ================= */
+ input_validate_input_number(get_request_var_post('drp_action'));
+ /* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));
Index: branches/0.8.8/data_templates.php
===================================================================
--- branches/0.8.8/data_templates.php (revision 7451)
+++ branches/0.8.8/data_templates.php (revision 7452)
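Review bot: In data_input.php the check is inserted ahead of the `isset($_POST["selected_items"])` branch, so it also runs on the path that merely displays the form; that is fine only if get_request_var_post() yields something the validator accepts when drp_action is absent, which cannot be confirmed from the hunk — verify it, or place the call where drp_action is first read. The untouched `unserialize(stripslashes($_POST["selected_items"]))` below is the larger sink: guard its result with `if (!is_array($selected_items)) { exit; }` and validate each entry with the same helper. form_actions() continues past the end of the hunk.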
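Review bot: In graph_templates.php `get_request_var_post('drp_action')` is validated but its return value is discarded, and the value acted on later is presumably read again from `$_POST["drp_action"]` outside the hunk; that is sound if input_validate_input_number() aborts the request on bad input, but not if it returns a sanitised copy — confirm which contract the helper has before relying on it. The `unserialize(stripslashes($_POST["selected_items"]))` context line remains an untrusted-deserialization sink; add `if (!is_array($selected_items)) { exit; }` and per-id `input_validate_input_number()` calls after it. The function body continues beyond the hunk.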
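Review bot: The graphs.php hunk adds a bare `+` blank line immediately after `global $colors, $graph_actions;` before the validation banner, which none of the other eight files in this commit do; each hunk declares six context lines and only four are visible here, so the original most likely already has a blank line at that spot, leaving a double blank in this file alone. Drop the extra blank so the block matches its siblings. The `unserialize(stripslashes($_POST["selected_items"]))` context line a few lines down is unchanged and still deserializes raw POST data; `if (!is_array($selected_items)) { exit; }` followed by per-element `input_validate_input_number()` would bound it. form_actions() continues below the hunk.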
@@ -254,6 +254,10 @@ function form_actions() {
 global $colors, $ds_actions;
+ /* ================= input validation ================= */
+ input_validate_input_number(get_request_var_post('drp_action'));
+ /* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));
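Review bot: The context line `$selected_items = unserialize(stripslashes($_POST["selected_items"]));` is the remaining untrusted input sink in this function and the commit does not touch it; validating drp_action as numeric closes the reflected-value XSS but not object injection through a serialized payload. Whether a usable gadget class is reachable here cannot be judged from the hunk, so treat it as hardening: `if (!is_array($selected_items)) { exit; }` after the assignment, then `input_validate_input_number()` on each id, mirroring the check added above. data_templates.php and data_sources.php both declare `global $colors, $ds_actions;`, so the action table is presumably shared or duplicated under one name — not a defect, but worth a one-line comment if it is intentional. The function continues past the hunk.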