A local file inclusion (LFI) exploit has been found in your component.
Please upgrade your
file.php class file as soon as possible in all your generated component.
Here is the source code of the function to replace :
in
classes / file / file.php
public static function getDirectory($path)
{
$markers = [MYCOMPONENT]Helper::getDirectories();
$foundDir = false;
// Search and parse the folders aliases
foreach($markers as $marker => $pathStr)
{
// Make sure at least one folder alias has been defined
if (preg_match("/^\[" . $marker . "\]/", $path))
$foundDir = true;
$path = preg_replace("/^\[" . $marker . "\]/", $pathStr, $path);
}
// A Marker directory MUST be defined > Local File Inclusion security
if (!$foundDir)
return null;
// Protect against (Local File Inclusion)
$path = preg_replace("/\.\.+/", "", $path);
return $path;
}
