Defense-in-Depth Audit
An automated security audit identified 34 defense-in-depth opportunities in plugin_intropage.
Breakdown
SQLi(13), CMD(10), Path(10), CSRF(1)
Recommended fixes
- SQLi: Convert string-concatenated SQL to db_execute_prepared() / db_fetch_*_prepared()
- XSS: Wrap get_request_var() in HTML contexts with html_escape_request_var()
- CMD: Verify exec()/shell_exec() args use cacti_escapeshellarg()
- Path: Add realpath() + prefix validation for include/require with variable paths
- Deser: Add array('allowed_classes' => false) to unserialize() calls
- CSRF: Verify forms integrate with Cacti CSRF framework
All recommended changes are PHP 7.0+ compatible.
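As an added example (not code from plugin_intropage or Cacti), the Path and Deser items above written out in plain PHP 7.0+ with no Cacti dependency. The function names intropage_resolve_include() and intropage_safe_unserialize() are invented for this illustration, and the temporary directory layout is constructed input; the SQLi, XSS and CMD items rely on Cacti's own helpers named in the list and are not re-implemented here.

```php
<?php
// Added example, not part of plugin_intropage: the realpath() + prefix
// check and the allowed_classes => false unserialize() call from the audit.

/**
 * Resolve a user-influenced include path and accept it only when the
 * canonical file lives inside $allowed_dir.
 * Returns the canonical path, or false when it must not be included.
 * (Hypothetical helper name; no type declarations so it stays PHP 7.0 clean.)
 */
function intropage_resolve_include($requested, $allowed_dir)
{
    $base = realpath($allowed_dir);
    $real = realpath($requested);

    // realpath() returns false for paths that do not exist or cannot be
    // resolved; in both cases there is nothing safe to include.
    if ($base === false || $real === false) {
        return false;
    }

    // Compare against the base WITH a trailing separator, otherwise a sibling
    // directory such as "<base>_other" would pass as if it were inside <base>.
    $base = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($real, $base, strlen($base)) !== 0) {
        return false;
    }

    return $real;
}

/**
 * unserialize() that never instantiates application classes: objects in the
 * payload come back as __PHP_Incomplete_Class, so no __wakeup()/__destruct()
 * of an attacker-chosen class runs. (Hypothetical helper name.)
 */
function intropage_safe_unserialize($data)
{
    return unserialize($data, array('allowed_classes' => false));
}

// ---- Constructed demonstration input -------------------------------------
// A throwaway "plugin directory" with one legitimate include file, a sibling
// directory that shares the name prefix, and a file one level up.
$tmp = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'intropage_demo_' . getmypid();
mkdir($tmp . '/plugin', 0700, true);
mkdir($tmp . '/plugin_other', 0700, true);
file_put_contents($tmp . '/plugin/panel.php', "<?php\n");
file_put_contents($tmp . '/plugin_other/evil.php', "<?php\n");
file_put_contents($tmp . '/outside.php', "<?php\n");

$base  = $tmp . '/plugin';
$cases = array(
    'good'      => $base . '/panel.php',          // inside the allowed dir
    'traversal' => $base . '/../outside.php',     // ../ escapes the dir
    'sibling'   => $base . '_other/evil.php',     // same prefix, wrong dir
    'missing'   => $base . '/nope.php',           // realpath() gives false
);
foreach ($cases as $label => $path) {
    $resolved = intropage_resolve_include($path, $base);
    printf("%-9s %s\n", $label, $resolved === false ? 'REJECTED' : 'OK ' . $resolved);
}

// Deserialization: a serialized object of an application class is not
// instantiated when allowed_classes is false.
class DemoWidget
{
    public $title = 'constructed sample';
}
$payload = serialize(new DemoWidget());             // constructed sample
$obj     = intropage_safe_unserialize($payload);
echo get_class($obj), "\n";

// Clean up the constructed directory tree.
unlink($tmp . '/plugin/panel.php');
unlink($tmp . '/plugin_other/evil.php');
unlink($tmp . '/outside.php');
rmdir($tmp . '/plugin');
rmdir($tmp . '/plugin_other');
rmdir($tmp);
```

The caller should still pass the resolved path, not the original request string, to include/require; and because realpath() follows symlinks, the check applies to where a link points rather than where it sits, which is the behaviour wanted for a plugin directory an administrator controls.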
Related PR: #365