Fehler #179: Users Home directory - security issue. - eXtplorer - PHP-based File Manager - eXtplorer - a PHP-based File Manager

Fehler #179

Users Home directory - security issue.

Added by Julianno Nogueira over 8 years ago.

Status:

Neu

Priority:

Hoch

Assignee:

Category:

Target version:

eXtplorer Version:

2.1.4

Joomla! Version:

none

Description

Good Afternoon,

I have installed eXtplorer version 2.1.6 and I found an issue that I need your help in order to fix this security hole.

When the issue happen:
1 - Using an admin account, create a subfolder in the root folder (any name);
2 - Create a new user, and select his "Home directory" as the new created above;
3 - Now, delete de new created folder that was set to the new user (using admin account still)
4 - Login with the new user and get access to the entire public_html folder!

Are you able to help me to identify where can I insert a folder lookup for each user, and if that folder does not exist, set the User Home directory to some "custom" folder?

Thank you in advance.

Also available in: Atom PDF

Project

General

Profile

eXtplorer - PHP-based File Manager

Issues

Fehler #179

Users Home directory - security issue.