Describe the bug
Copying files with an unauthorized extension between server directories. In some apps the misconfiguration lead to different security issues(secrets exposure, RCE, etc.)
To Reproduce
Steps to reproduce the behavior:
Create 2 folders on filesystem
Manually create php file in one
Be sure that php file upload restricted
Be sure that you cant just copy and paste php files
Copy folder with php file to other folder
Check that folder copied with not allowed file php
Expected behavior
Message like "Unable to copy folder with not allowed file types"
Screenshots
Last version 2.1.65
Check if you can upload php files
Manually create php file on folder
Check if you can copy not allowed files on the same directory
Check if you can copy not allowed files on the other directory
Copy the entire folder to another one and check if the php file exists
Describe the bug Copying files with an unauthorized extension between server directories. In some apps the misconfiguration lead to different security issues(secrets exposure, RCE, etc.)
To Reproduce Steps to reproduce the behavior:
Expected behavior Message like "Unable to copy folder with not allowed file types"
Screenshots
Last version 2.1.65![image](https://github.com/Studio-42/elFinder/assets/67024514/32fbace4-a1c7-421e-b959-46e48e79ddb3)
Check if you can upload php files![image](https://github.com/Studio-42/elFinder/assets/67024514/9a95842a-f4e7-4a32-be95-99092c944299)
Manually create php file on folder
![image](https://github.com/Studio-42/elFinder/assets/67024514/66210ceb-efd1-4221-a54a-476e0c237349)
Check if you can copy not allowed files on the same directory![image](https://github.com/Studio-42/elFinder/assets/67024514/ea2921f5-0c2f-410f-8a76-dee7f3d7941b)
Check if you can copy not allowed files on the other directory![image](https://github.com/Studio-42/elFinder/assets/67024514/eaa6bfce-7f88-4779-9820-ed72a1789d23)
Copy the entire folder to another one and check if the php file exists![image](https://github.com/Studio-42/elFinder/assets/67024514/9331bfdb-8701-4716-a6a3-9f99cf895559)
Desktop: