author | Scott Ullrich <sullrich@pfsense.org> | 2010-11-09 11:38:27 -0500 |
committer | Scott Ullrich <sullrich@pfsense.org> | 2010-11-09 11:38:27 -0500 |
commit | 034f08e7dd102c09e60184220927e6c5cba9f10c (patch) | |
tree | fc31493bc38958074835e3e344302084e1d652f4 /usr/local/www/diag_dump_states.php | |
parent | fea098864053dada6741b99444f10d4406ddeee6 (diff) | |
Fix Misc XSS issues
Diffstat (limited to 'usr/local/www/diag_dump_states.php')
-rwxr-xr-x | usr/local/www/diag_dump_states.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/usr/local/www/diag_dump_states.php b/usr/local/www/diag_dump_states.php
index a2009c9..69d8dfd 100755
--- a/usr/local/www/diag_dump_states.php
+++ b/usr/local/www/diag_dump_states.php
@@ -44,8 +44,8 @@ require_once("guiconfig.inc");
 /* handle AJAX operations */
 if($_GET['action']) {
 if($_GET['action'] == "remove") {
- $srcip = $_GET['srcip'];
- $dstip = $_GET['dstip'];
+ $srcip = escapeshellarg($_GET['srcip']);
+ $dstip = escapeshellarg($_GET['dstip']);
 if (is_ipaddr($srcip) and is_ipaddr($dstip)) {
 $retval = mwexec("/sbin/pfctl -k '{$srcip}' -k '{$dstip}'");
 echo htmlentities("|{$srcip}|{$dstip}|{$retval}|");
@@ -58,7 +58,7 @@ if($_GET['action']) {
 /* get our states */
 if($_GET['filter']) {
- exec("/sbin/pfctl -s state | grep " . escapeshellarg($_GET['filter']), $states);
+ exec("/sbin/pfctl -s state | grep " . escapeshellarg(htmlspecialchars($_GET['filter'])), $states);
 } else {
 exec("/sbin/pfctl -s state", $states);
@@ -135,7 +135,7 @@ include("head.inc");
 <td><?=gettext("Current state count:");?> <?=$current_statecount?></td>
 <td style="font-weight:bold;" align="right">
 <?=gettext("Filter expression:");?>
- <input type="text" name="filter" class="formfld search" value="<?=$_GET['filter'];?>" size="30" />
+ <input type="text" name="filter" class="formfld search" value="<?=htmlspecialchars($_GET['filter']);?>" size="30" />
 <input type="submit" class="formbtn" value="<?=gettext("Filter");?>" />
 <td>
 </tr> |
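Review bot: In the `remove` branch, `escapeshellarg()` is applied before `is_ipaddr()`, so the value being validated is the quoted string `'1.2.3.4'` rather than the address; unless `is_ipaddr()` (defined outside this file) tolerates surrounding single quotes, the guard now fails for every request and state removal silently stops working. The order should be validate first, escape at the call site: keep `$srcip = $_GET['srcip'];` and `$dstip = $_GET['dstip'];`, and inside the `is_ipaddr` guard build the command as `$retval = mwexec("/sbin/pfctl -k " . escapeshellarg($srcip) . " -k " . escapeshellarg($dstip));`. That also removes the doubled quoting from `escapeshellarg` combined with the literal `'{$srcip}'` in the existing command string, and the echoed `|{$srcip}|{$dstip}|...` reply then carries the plain addresses. The `if` block continues past the end of the hunk.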
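Review bot: `htmlspecialchars()` on the new `exec` line is an HTML-output encoder applied to a shell argument; `escapeshellarg()` was already on that line and handles the shell quoting, so the extra call adds no protection and instead alters the search pattern (a filter containing `&`, `<`, `>` or `"` is turned into its entity form and no longer matches any state line). Output escaping belongs where the value is rendered, which the `value="<?=htmlspecialchars($_GET['filter']);?>"` change in the last hunk already provides, so this line should go back to `exec("/sbin/pfctl -s state | grep " . escapeshellarg($_GET['filter']), $states);`. The filter is still handed to `grep` as a regular expression, so a malformed pattern presumably just yields an empty result set, which looks acceptable for a diagnostics page.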
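Review bot: `htmlspecialchars($_GET['filter'])` with default flags leaves single quotes unencoded, which is safe on this line only because the `value` attribute is double-quoted; passing `ENT_QUOTES` makes the escaping independent of the attribute quoting, `value="<?=htmlspecialchars($_GET['filter'], ENT_QUOTES);?>"`. Both the old and the new line also read `$_GET['filter']` when the form has not been submitted, which emits a notice unless the access is guarded with `isset()`.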