mirror/php-adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2025-08-09 16:17:48 +02:00
Code Issues Releases Wiki Activity

Disallow connecting to privileged ports (thanks to hyp3rlinx)

Browse Source
This commit is contained in:
Jakub Vrana
2018-01-16 11:18:32 +01:00
parent 0e5df34ea8
commit 0fae40fb61
3 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adminer/include/auth.inc.php
View File

@@ -165,6 +165,10 @@ if (isset($_GET["username"])) {
page_footer("auth");
exit;
}
list($host, $port) = explode(":", SERVER, 2);
if (is_numeric($port) && $port < 1024) {
auth_error('Connecting to privileged ports is not allowed.');
}
check_invalid_login();
$connection = connect();
}