beenull/adminerevo
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Improve check for numeric ports (bug #769)

Browse source
This commit is contained in:
Jakub Vrana 2020-12-06 13:12:58 +01:00
parent e0a3205676
commit 35bfaa7506
2 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
adminer/include/auth.inc.php
View file

@ -162,7 +162,7 @@ stop_session(true);
if (isset($_GET["username"]) && is_string(get_password())) {
list($host, $port) = explode(":", SERVER, 2);
if (is_numeric($port) && ($port < 1024 || $port > 65535)) {
if (+$port && ($port < 1024 || $port > 65535)) {
auth_error(lang('Connecting to privileged ports is not allowed.'));
}
check_invalid_login();

1
changes.txt
View file

@ -1,5 +1,6 @@
Adminer 4.7.8-dev:
Support PHP 8
Disallow connecting to privileged ports (bug #769)
Adminer 4.7.7 (released 2020-05-11):
Fix open redirect if Adminer is accessible at //adminer.php%2F@