$NetBSD: patch-am,v 1.2 2020/09/07 10:34:52 mef Exp $

Fix cross-site scripting, arbitrary command execution and other
vulnerabilities in webmin (CVE-2008-0720).

--- mysql/search_form.cgi.orig	2007-09-21 23:26:42.000000000 +0200
+++ mysql/search_form.cgi
@@ -12,7 +12,8 @@ require './view-lib.pl';
 &can_edit_db($in{'db'}) || &error($text{'dbase_ecannot'});
 @str = &table_structure($in{'db'}, $in{'table'});
 
-$desc = &text('table_header', "<tt>$in{'table'}</tt>", "<tt>$in{'db'}</tt>");
+$desc = &text('table_header', "<tt>" . &html_escape($in{'table'}) .
+	"</tt>", "<tt>" . &html_escape($in{'db'}) . "</tt>");
 &ui_print_header($desc, $text{'adv_title'}, "");
 
 print &ui_form_start("view_table.cgi", "post");
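Review bot: The added lines escape `$in{'table'}` and `$in{'db'}` only at the HTML sink, which is the right place for the XSS fix, but the same two request parameters are still handed raw to `&table_structure($in{'db'}, $in{'table'})` on the context line just above, and whether that helper quotes or validates the identifiers before using them in a query is not visible in this hunk; it is worth confirming, since output escaping does nothing for that path. The authorization step `&can_edit_db($in{'db'})` on the first context line checks only the database, not the table, so any table-level restriction would also have to live inside `&table_structure` or `&can_edit_db`. If upstream does not validate there, a one-line comment above the escaped header such as `# html_escape protects the rendered header only; db/table are also used as SQL identifiers above` would keep the next reader from assuming the parameters are sanitised for all uses.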
@@ -36,13 +37,13 @@ print "</table>\n";
 print &ui_form_end([ [ "advanced", $text{'adv_ok'} ] ]);
 
 if ($access{'edonly'}) {
-	&ui_print_footer("edit_dbase.cgi?db=$in{'db'}",$text{'dbase_return'},
-		"", $text{'index_return'});
+	&ui_print_footer("edit_dbase.cgi?db=" . &urlize($in{'db'}),
+		$text{'dbase_return'}, "", $text{'index_return'});
 	}
 else {
-	&ui_print_footer("edit_table.cgi?db=$in{'db'}&table=$in{'table'}",
-		$text{'table_return'},
-		"edit_dbase.cgi?db=$in{'db'}", $text{'dbase_return'},
-		"", $text{'index_return'});
+	&ui_print_footer("edit_table.cgi?db=" . &urlize($in{'db'}) .
+		"&table=" . &urlize($in{'table'}), $text{'table_return'},
+		"edit_dbase.cgi?db=" .  &urlize($in{'db'}),
+		$text{'dbase_return'}, "", $text{'index_return'});
 	}