I have in the user home a file like "watermark.png", I can generate a thumbnail by using a URL like:
/createthumb.php?filename=../watermark.png&size=320
Even something like this works:
/createthumb.php?filename=../../../usr/share/pixmaps/debian-logo.png&size=320
Even if it would not render anything other than an image type this seems to be a security issue.
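A containment check that a thumbnail script of this kind could run on the `filename` parameter before opening the file, shown as an added example (not code from the project or from this report). The function name `resolve_image_path`, the gallery base directory and the demo file tree are assumptions.

```php
<?php
// Added example: resolve_image_path() and the directory layout are hypothetical.
// Returns the canonical path if $requested is an image inside $baseDir, else null.
function resolve_image_path(string $baseDir, string $requested): ?string
{
    if ($requested === '' || strpos($requested, "\0") !== false) {
        return null;                          // empty name or embedded NUL byte
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() collapses "../" segments and follows symlinks;
    // it returns false when the target does not exist.
    $real = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($real === false || !is_file($real)) {
        return null;
    }
    // Compare against the base *with* a trailing separator, so that
    // "/srv/gallery-old" is not accepted as being inside "/srv/gallery".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($real, $prefix, strlen($prefix)) !== 0) {
        return null;                          // resolved outside the gallery
    }
    // Accept only files whose header identifies a supported image type.
    $info = @getimagesize($real);
    $allowed = [IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_GIF];
    if ($info === false || !in_array($info[2], $allowed, true)) {
        return null;
    }
    return $real;
}

// Constructed demo tree: one image inside the gallery, one image outside it.
$root = sys_get_temp_dir() . '/thumbdemo_' . bin2hex(random_bytes(4));
mkdir("$root/gallery/photos", 0700, true);
// Minimal constructed PNG header (signature + IHDR, 1x1), enough for getimagesize().
$png = "\x89PNG\r\n\x1a\n" . pack('N', 13) . 'IHDR' . pack('NNC', 1, 1, 8);
file_put_contents("$root/gallery/photos/a.png", $png);
file_put_contents("$root/watermark.png", $png);
file_put_contents("$root/gallery/notes.txt", "not an image");

$cases = ['photos/a.png', '../watermark.png', 'photos/../../watermark.png', 'notes.txt'];
foreach ($cases as $name) {
    $path = resolve_image_path("$root/gallery", $name);
    printf("%-28s %s\n", $name, $path === null ? 'rejected' : 'allowed');
}
```

The check runs on the resolved path rather than on the raw string, so encoded or nested `../` sequences and symlinks that point outside the gallery are handled by the same comparison.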