388543ca99
(RHBZ #1113035)
------------------------------------------------------------------------
r7452 | cigamit | 2014-06-15 17:34:39 -0600 (Sun, 15 Jun 2014) | 1 line
-bug#0002453: CVE-2014-4002 Cross-Site Scripting Vulnerability
------------------------------------------------------------------------
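--- a/branches/0.8.8/host_templates.php
+++ b/branches/0.8.8/host_templates.php
@@ -117,6 +117,10 @@
 function form_actions() {
 global $colors, $host_actions;
 
+/* ================= input validation ================= */
+input_validate_input_number(get_request_var_post('drp_action'));
+/* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));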
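Review bot: The added check validates only `drp_action`, while three lines below it the same function still passes `$_POST["selected_items"]` straight into `unserialize()`, so the untrusted list of item ids that the chosen action operates on stays unvalidated, and `unserialize()` on attacker-controlled input is a risk in its own right beyond the XSS this commit targets. A safer shape is to validate each decoded id with the helper the commit already uses, e.g. `input_validate_input_number($selected_items[$i]);` at the top of whatever loop consumes the list, before any id reaches a query or the rendered confirmation page. form_actions() continues past the end of the hunk, so that loop is not visible here and the exact placement has to be confirmed in the file. The identical hunk appears in cdef.php, data_queries.php, data_sources.php, host.php, data_input.php, graph_templates.php, graphs.php and data_templates.php, and the same point applies to each of them.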
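--- a/branches/0.8.8/cdef.php
+++ b/branches/0.8.8/cdef.php
@@ -158,6 +158,10 @@
 function form_actions() {
 global $colors, $cdef_actions;
 
+/* ================= input validation ================= */
+input_validate_input_number(get_request_var_post('drp_action'));
+/* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));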
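--- a/branches/0.8.8/data_queries.php
+++ b/branches/0.8.8/data_queries.php
@@ -195,6 +195,10 @@
 function form_actions() {
 global $colors, $dq_actions;
 
+/* ================= input validation ================= */
+input_validate_input_number(get_request_var_post('drp_action'));
+/* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));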
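--- a/branches/0.8.8/data_sources.php
+++ b/branches/0.8.8/data_sources.php
@@ -307,6 +307,10 @@
 function form_actions() {
 global $colors, $ds_actions;
 
+/* ================= input validation ================= */
+input_validate_input_number(get_request_var_post('drp_action'));
+/* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));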
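--- a/branches/0.8.8/host.php
+++ b/branches/0.8.8/host.php
@@ -175,6 +175,10 @@
 function form_actions() {
 global $colors, $device_actions, $fields_host_edit;
 
+/* ================= input validation ================= */
+input_validate_input_number(get_request_var_post('drp_action'));
+/* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));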
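--- a/branches/0.8.8/data_input.php
+++ b/branches/0.8.8/data_input.php
@@ -153,6 +153,10 @@
 function form_actions() {
 global $colors, $di_actions;
 
+/* ================= input validation ================= */
+input_validate_input_number(get_request_var_post('drp_action'));
+/* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));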
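--- a/branches/0.8.8/graph_templates.php
+++ b/branches/0.8.8/graph_templates.php
@@ -164,6 +164,10 @@
 function form_actions() {
 global $colors, $graph_actions;
 
+/* ================= input validation ================= */
+input_validate_input_number(get_request_var_post('drp_action'));
+/* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));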
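--- a/branches/0.8.8/graphs.php
+++ b/branches/0.8.8/graphs.php
@@ -267,6 +267,11 @@
 
 function form_actions() {
 global $colors, $graph_actions;
+
+/* ================= input validation ================= */
+input_validate_input_number(get_request_var_post('drp_action'));
+/* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));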
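--- a/branches/0.8.8/data_templates.php
+++ b/branches/0.8.8/data_templates.php
@@ -254,6 +254,10 @@
 function form_actions() {
 global $colors, $ds_actions;
 
+/* ================= input validation ================= */
+input_validate_input_number(get_request_var_post('drp_action'));
+/* ==================================================== */
+
 /* if we are to save this form, instead of display it */
 if (isset($_POST["selected_items"])) {
 $selected_items = unserialize(stripslashes($_POST["selected_items"]));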