mirror of
https://github.com/joomla-extensions/jedchecker.git
synced 2024-12-31 21:51:46 +00:00
Merge pull request #51 from dryabov/patch-1
Fix false-positive for JAMSS rule#23
This commit is contained in:
commit
510e0b168c
@ -222,7 +222,7 @@ class JedcheckerRulesJamss extends JEDcheckerRule
|
||||
'22',
|
||||
'Found the SourceCop encoded code. It is often used for malicious code ' .
|
||||
'hiding, so go and check the code with some online SourceCop decoders'),
|
||||
array('(?:exec|passthru|shell_exec|system|proc_|popen)[\w\W\s/\*]*\([\s/\*\#\'\"\w\W\-\_]*(?:\$_GET|\$_POST)',
|
||||
array('\b(?:exec|passthru|shell_exec|system|proc_\w+|popen)\b[\w\W\s/\*]*\([\s/\*\#\'\"\w\W\-\_]*(?:\$_GET|\$_POST)',
|
||||
'shell command execution from POST/GET variables',
|
||||
'23',
|
||||
'Found direct shell command execution getting variables from POST/GET, ' .
|
||||
|
Loading…
Reference in New Issue
Block a user