Improve check for numeric ports (bug #769)
This commit is contained in:
parent
e0a3205676
commit
35bfaa7506
|
@ -162,7 +162,7 @@ stop_session(true);
|
|||
|
||||
if (isset($_GET["username"]) && is_string(get_password())) {
|
||||
list($host, $port) = explode(":", SERVER, 2);
|
||||
if (is_numeric($port) && ($port < 1024 || $port > 65535)) {
|
||||
if (+$port && ($port < 1024 || $port > 65535)) {
|
||||
auth_error(lang('Connecting to privileged ports is not allowed.'));
|
||||
}
|
||||
check_invalid_login();
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
Adminer 4.7.8-dev:
|
||||
Support PHP 8
|
||||
Disallow connecting to privileged ports (bug #769)
|
||||
|
||||
Adminer 4.7.7 (released 2020-05-11):
|
||||
Fix open redirect if Adminer is accessible at //adminer.php%2F@
|
||||
|
|
Loading…
Reference in a new issue