Bugfix: Restrict find_full_subnets.php to CLI

find_full_subnets.php does not verify if the user is authorized to access the data, and if the script was started from a command line. Reported by ovprophet
phpipam · Feb 3, 2023 · 3df854d · 3df854d
1 parent f1d3b0f
commit 3df854d
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/functions/scripts/find_full_subnets.php b/functions/scripts/find_full_subnets.php
@@ -1,5 +1,8 @@
 <?php
 
+# script can only be run from cli
+if(php_sapi_name()!="cli") 						{ die("This script can only be run from cli!"); }
+
 # include required scripts
 require_once( dirname(__FILE__) . '/../functions.php' );
 
@@ -40,4 +43,3 @@
     // do something with output
     print_r($out);
 }
-?>
diff --git a/misc/CHANGELOG b/misc/CHANGELOG
@@ -3,6 +3,7 @@
     Security Fixes:
     ----------------------------
     + XSS (reflected) in 'bw-calulator-result.php';
+    + Restrict find_full_subnets.php to CLI;
 
 == 1.5.0