Fehler #179: Users Home directory - security issue. - eXtplorer - PHP-based File Manager - eXtplorer - a PHP-based File Manager

Actions

Copy link

Fehler #179

open

Users Home directory - security issue.

Added by Julianno Nogueira over 9 years ago.

Status:

Neu

Priority:

Hoch

Assignee:

Category:

Target version:

eXtplorer Version:

2.1.4

Joomla! Version:

none

Description

Good Afternoon,

I have installed eXtplorer version 2.1.6 and I found an issue that I need your help in order to fix this security hole.

When the issue happen:
1 - Using an admin account, create a subfolder in the root folder (any name);
2 - Create a new user, and select his "Home directory" as the new created above;
3 - Now, delete de new created folder that was set to the new user (using admin account still)
4 - Login with the new user and get access to the entire public_html folder!

Are you able to help me to identify where can I insert a folder lookup for each user, and if that folder does not exist, set the User Home directory to some "custom" folder?

Thank you in advance.

No data to display

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

eXtplorer - PHP-based File Manager

Fehler #179

Users Home directory - security issue.