LibreHealthIO / lh-ehr

LibreHealth EHR - Free Open Source Electronic Health Records

Authenticated Unrestricted File Write in letter.php #1213

Open prodigysml opened 6 years ago

prodigysml commented 6 years ago

The Issue

Unrestricted file write vulnerabilities allow attackers to write files, such as PHP files, in locations where the web server user has write access. This may allow an attacker to write files with malicious content and may lead to remote code execution.

An attacker must be authenticated to perform this attack.

Where the Issue Occurred

The following code snippet displays the usage of the fopen function in PHP within the lh-ehr application: https://github.com/LibreHealthIO/lh-ehr/blob/cacaa71dca75c3bf53cdce506fbb62e8b0593f76/interface/patient_file/letter.php#L254

This creates or overwrites a file that the web server user has access to. The following code snippet displays writing user controlled content within the user controlled file: https://github.com/LibreHealthIO/lh-ehr/blob/cacaa71dca75c3bf53cdce506fbb62e8b0593f76/interface/patient_file/letter.php#L260
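As an added illustration (not lh-ehr's own code and not the actual contents of letter.php), the following PHP contrasts the unsafe shape the report describes, where both the file name and the bytes written come from the request, with a hardened version that confines the name to one path segment, restricts the extension to a non-executable allowlist and verifies the resolved path stays inside the intended directory. The variable names, the template directory and the allowed extension are assumptions for the example.

```php
<?php
// Added example, not code from the lh-ehr project. Names and paths are assumed.

// Unsafe shape: the request supplies the file name and the content, so an
// authenticated user chooses where the web server writes and what it writes.
function write_letter_template_unsafe(string $template_dir, array $request): void
{
    $fh = fopen($template_dir . '/' . $request['form_filename'], 'w');
    fwrite($fh, $request['form_body']);
    fclose($fh);
}

// Hardened shape: validate the name as a single segment with a non-executable
// extension, resolve the directory, and confirm the final path is inside it.
function write_letter_template_safe(string $template_dir, string $name, string $body): string
{
    $allowed_ext = ['txt'];                       // assumption: letters are plain text
    $base = basename($name);                      // strip any directory component
    $pattern = '/^[A-Za-z0-9_-]{1,64}\.(' . implode('|', $allowed_ext) . ')$/';
    if (!preg_match($pattern, $base)) {
        throw new InvalidArgumentException('template name rejected: ' . $name);
    }
    $dir = realpath($template_dir);
    if ($dir === false || !is_dir($dir)) {
        throw new RuntimeException('template directory missing');
    }
    $target = $dir . DIRECTORY_SEPARATOR . $base;
    // A validated single segment cannot leave $dir, but keep the prefix check so
    // the guard survives later refactoring of the validation above.
    if (strpos($target, $dir . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('path escapes template directory');
    }
    if (file_put_contents($target, $body, LOCK_EX) === false) {
        throw new RuntimeException('write failed');
    }
    return $target;
}

// Usage with constructed inputs.
$dir = sys_get_temp_dir() . '/letter_templates_example';
@mkdir($dir, 0700);
echo write_letter_template_safe($dir, 'welcome.txt', "Dear patient,\n"), "\n";
foreach (['../outside.php', 'notes.php', 'a/b.txt'] as $bad) {
    try {
        write_letter_template_safe($dir, $bad, 'x');
    } catch (Exception $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

The allowlist-plus-prefix check is the part worth keeping: rejecting the extension stops the write from producing something the server would execute, and the prefix check stops it from landing outside the directory the feature is meant to manage, whichever of the two validations a future change weakens.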

realJema commented 4 years ago

I would like to be assigned this issue

muarachmann commented 4 years ago

Please go ahead

On Mon, 16 Mar 2020 at 14:14 Jema notifications@github.com wrote:

I would like to be assigned this issue

