github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta.git synced 2025-03-12 04:35:23 -07:00
Code Issues Packages Projects Releases Wiki Activity

Fix for possible file inclusion vulnerability in i18n.php

Browse Source 
Fix for https://github.com/serghey-rodin/vesta/issues/2052
This commit is contained in:
myvesta 2021-08-15 12:35:28 +02:00 committed by GitHub
parent df11eaf33f
commit 88596a8cd9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions

2
web/inc/i18n.php

@ -24,7 +24,7 @@ function _translate() {
// Load language file (if not loaded yet)
if (!isset($LANG[$l])) {
require_once($_SERVER['DOCUMENT_ROOT']."/inc/i18n/$l.php");
require_once($_SERVER['DOCUMENT_ROOT']."/inc/i18n/".basename($l).".php");
}
//if (!isset($LANG[$l][$key])) file_put_contents('/somewhere/something.log', "$key\n", FILE_APPEND);