Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26043
Code path (input to output):
In file Hoosk-master\hoosk\hoosk0\models\Hoosk_model.php
// Settings update (excerpt): the POSTed siteTitle is copied into $data unchanged.
// The only check visible in these lines is a loose comparison against the empty
// string; no length, character or markup validation appears in the excerpt.
if ($this->input->post('siteTitle') != "") {
$data['siteTitle'] = $this->input->post('siteTitle');
}
//...
// The collected values are written to hoosk_settings. Quoting done by the query
// builder protects the SQL statement only; it does not neutralise HTML markup, so
// the stored siteTitle is whatever was submitted.
// NOTE(review): whether a global input filter is enabled is not visible here, so
// treat the stored value as untrusted wherever it is printed.
$this->db->update('hoosk_settings', $data);
In file Hoosk-master\hoosk\hoosk0\controllers\Hoosk_default.php
/**
 * Front-end controller (excerpt). It loads the stored site settings in the
 * constructor and passes them to the header template when rendering. The
 * lines shown forward the settings values without modifying or encoding them.
 */
class Hoosk_default extends CI_Controller
{
public function __construct()
{
$this->load->model('Hoosk_page_model');
//...
// The settings are read from the model and kept in $this->data['settings'],
// the array that index() later hands to the view.
$this->data['settings'] = $this->Hoosk_page_model->getSettings();
//...
}
public function index()
{
//...
// $this->data (including 'settings') is passed to templates/header; the third
// argument true makes view() return the rendered markup as a string, which is
// stored under 'header'. Any escaping therefore has to happen in the template.
$this->data['header'] = $this->load->view('templates/header', $this->data, true);
//...
}
}
In file Hoosk-master\hoosk\hoosk0\models\Hoosk_model.php
/**
 * Read the settings row(s) for siteID 0 from hoosk_settings.
 *
 * The values are returned exactly as stored; nothing in this method encodes
 * them for HTML, so any template that prints one of these fields (siteTitle
 * included) has to escape it at output time.
 *
 * @return array the listed settings fields of the last matching row, or an
 *               empty array when no row matches
 */
public function getSettings(){
    $this->db->select("*");
    $this->db->where("siteID", 0);
    $query = $this->db->get('hoosk_settings');

    // Nothing stored for this site: hand back an empty settings array.
    if ($query->num_rows() <= 0) {
        return array();
    }

    // Columns copied from each row, in the order they appear in the result.
    $fields = array(
        'siteLogo',
        'siteFavicon',
        'siteTitle',
        'siteTheme',
        'siteFooter',
        'siteMaintenanceHeading',
        'siteMaintenanceMeta',
        'siteMaintenanceContent',
        'siteMaintenance',
        'siteAdditionalJS',
    );

    // Each row replaces the previous one, so the last matching row wins.
    foreach ($query->result_array() as $row) {
        $settings = array();
        foreach ($fields as $field) {
            $settings[$field] = $row[$field];
        }
    }

    return $settings;
}
In file Hoosk-master\theme\dark\templates\header.php
<title><?php
// NOTE(review): both values are printed into the page with no HTML escaping.
// siteTitle is the stored settings value traced above, so markup saved in that
// field is rendered as markup on each page that uses this header.
// The output-side fix is to encode at this point, e.g.
// htmlspecialchars($settings['siteTitle'], ENT_QUOTES, 'UTF-8'), and likewise
// for $page['pageTitle'] (its origin is not shown in this excerpt).
echo $page['pageTitle']; ?> | <?php echo $settings['siteTitle']; ?> </title>