mirror of https://github.com/joomla-extensions/jedchecker.git synced 2024-11-27 15:26:36 +00:00

reduce rule#24 to just a backtick in the code scope

Denis Ryabov 2021-11-16 22:31:36 +03:00
parent bf2d44a585
commit a384d84174


@ -260,7 +260,7 @@ class JedcheckerRulesJamss extends JEDcheckerRule
'Found direct shell command execution getting variables from POST/GET, ' .
'which is highly dangerous security flaw or a part of malicious webrootkit',
'code'),
array('\$\w[\w\W\s/\*]*=[\w\W\s/\*]*`.*`',
array('`',
'PHP execution operator: backticks (``)',
'24',
'PHP execution operator found. Note that these are not single-quotes! ' .
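Review bot: The replacement pattern '`' on the changed line of rule 24 now flags every single backtick character, so it is only sound if the code scope mentioned in the commit message really excludes string literals and comments. The scope argument of this entry lies below the hunk, so confirm it is 'code', as in the entry just above it. If it is anything else, backticks used for SQL identifier quoting inside PHP strings would all be reported as the execution operator. The old pattern only matched when a variable assignment preceded the backtick pair, so widening it is reasonable, but the rule now depends entirely on how the scope is preprocessed. A short comment beside the pattern stating that dependency would help whoever edits this rule next.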