Jisko

file uploading not to check extensions

Bug #553887 reported by cpc on 2010-04-02

258

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Jisko	Fix Released	High	Marcos Garcia	Jisko 3.0beta1

Bug Description

Jisko 3.0 beta1 rev 374

when uploading a file which has the denied-extension specified in the config.php (such as .exe), it successful without any prompt.
It's about security issue, if someone upload a harmful file.

cpc (cpcmaker) on 2010-04-02

visibility:

private → public

Marcos Garcia (marcosgdf) on 2010-04-02

Changed in jisko:
milestone:	none → 3.0beta1
assignee:	nobody → Marcos Garcia (marcosgdf)
status:	New → Confirmed
importance:	Undecided → High
status:	Confirmed → In Progress

Revision history for this message

Marcos Garcia (marcosgdf) wrote on 2010-04-02:

Fixed in last revision

Changed in jisko:
status:	In Progress → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.