Context Navigation

← Previous Ticket
Next Ticket →

Ticket #595 (closed 改善提案: 修正済)

Opened 14 years ago

Last modified 13 years ago

不正なファイルアップロードが行われる可能性

Reported by:	nanasess	Owned by:	nanasess
Priority:	中	Milestone:	EC-CUBE2.11.0
Component:	管理画面	Version:	2.4.2
Keywords:		Cc:
修正済み:

Description

HTTP POST によって, ファイルアップロードを行う場合は, move_uploaded_file 関数で, 有効なファイルアップロードか検証する必要があります.

http://jp2.php.net/manual/ja/function.move-uploaded-file.php

Change History

comment:1 Changed 13 years ago by nanasess

Milestone changed from EC-CUBE2.5.0beta to EC-CUBE2.5.1（仮）

comment:2 Changed 13 years ago by nanasess

Owner changed from somebody to nanasess
Status changed from new to assigned
Milestone changed from EC-CUBE2.11.1（仮） to EC-CUBE2.11.0

comment:3 Changed 13 years ago by nanasess

Status changed from assigned to closed
Resolution set to 修正済

r20617 で対応しました

Note: See TracTickets for help on using tickets.

Download in other formats: