joomla/jedchecker
33
2
Fork 0
mirror of https://github.com/joomla-extensions/jedchecker.git synced 2025-01-31 09:18:25 +00:00
Code Issues Releases Activity

Merge pull request #51 from dryabov/patch-1

Browse Source 
Fix false-positive for JAMSS rule#23
This commit is contained in:
Anibal Sanchez 2019-05-17 11:25:17 +02:00 committed by GitHub
commit 510e0b168c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
administrator/components/com_jedchecker/libraries/rules/jamss.php
View File

@ -222,7 +222,7 @@ class JedcheckerRulesJamss extends JEDcheckerRule
'22',
'Found the SourceCop encoded code. It is often used for malicious code ' .
'hiding, so go and check the code with some online SourceCop decoders'),
array('(?:exec|passthru|shell_exec|system|proc_|popen)[\w\W\s/\*]*\([\s/\*\#\'\"\w\W\-\_]*(?:\$_GET|\$_POST)',
array('\b(?:exec|passthru|shell_exec|system|proc_\w+|popen)\b[\w\W\s/\*]*\([\s/\*\#\'\"\w\W\-\_]*(?:\$_GET|\$_POST)',
'shell command execution from POST/GET variables',
'23',
'Found direct shell command execution getting variables from POST/GET, ' .