Auth bypass vulnerability fix

0x0d · 0x0d · commit c0d5b3765a3e · 2015-01-19T15:14:15.000+03:00
diff --git a/web/api/index.php b/web/api/index.php
@@ -17,7 +17,7 @@
         exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." '".$_SERVER["REMOTE_ADDR"]."'",  $output, $auth_code);
     } else {
         $key = '/usr/local/vesta/data/keys/' . basename($_POST['hash']);
-        if (file_exists($key)) {
+        if (file_exists($key) && is_file($key)) {
             $auth_code = '0';
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@`
`17`	`17`	`exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." '".$_SERVER["REMOTE_ADDR"]."'", $output, $auth_code);`
`18`	`18`	`} else {`
`19`	`19`	`$key = '/usr/local/vesta/data/keys/' . basename($_POST['hash']);`
`20`		`- if (file_exists($key)) {`
	`20`	`+ if (file_exists($key) && is_file($key)) {`
`21`	`21`	`$auth_code = '0';`
`22`	`22`	`}`
`23`	`23`	`}`