Skip to content

Possible security vulnerability #1

Open
Open
Possible security vulnerability#1
Labels
bugSomething isn't workinginvalidThis doesn't seem right
@Bizarrus

Description

@Bizarrus
Bizarrus
opened on Aug 31, 2024

Hosting users can break out outside the hosting path.
The chroot is not configured correctly to prevent breakout.

Sample

<?php
	require_once('/etc/fruithost/.config.php');
	
	print DATABASE_PASSWORD;
?>

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workinginvalidThis doesn't seem right

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions