Changes
Template:Execution alert (view source)
Revision as of 15:00, 28 September 2019
, 15:00, 28 September 2019no edit summary
<noinclude>
<languages/>
</noinclude>{{#switch:<translate></translate>
| =
{{Security alert
|problem={{{problem|<translate><!--T:1--> Vulnerable to '''[[w:Code_injection#Shell_injection|code injection]] attacks''', because it passes user input directly to executable statements, such as exec(), passthru() or include().</translate> <translate><!--T:2--> This may lead to '''arbitrary code being run on your server''', among other things.</translate>}}}
|solution={{{solution|<translate><!--T:3--> Strictly validate user input and/or apply escaping to all characters that have a special meaning in executable statements.</translate>}}}
|signed={{{signed|{{{1||}}}}}}
|nocat=1
}}{{#if:{{{nocat|}}}||<includeonly>[[Category:Extensions with arbitrary execution vulnerabilities{{#translation:}}]]</includeonly>}}
| #default=
{{#invoke:Template translation|renderTranslatedTemplate|template=Template:Execution alert|noshift=1}}
}}<noinclude>
{{Documentation|content=
;Description
: Adds an alert box describing a [[w:Code_injection#Shell_injection|code injection]] vulnerability in including Extension page. Also adds including page to [[:Category:Extensions with arbitrary execution vulnerabilities]]
;Example
:<pre>{{Execution alert|~~~~}}</pre>
}}
[[Category:Alert templates{{#translation:}}|{{PAGENAME}}]]
[[Category:Categorizing templates{{#translation:}}|{{PAGENAME}}]]
[[Category:Extension templates{{#translation:}}|{{PAGENAME}}]]
</noinclude>
<languages/>
</noinclude>{{#switch:<translate></translate>
| =
{{Security alert
|problem={{{problem|<translate><!--T:1--> Vulnerable to '''[[w:Code_injection#Shell_injection|code injection]] attacks''', because it passes user input directly to executable statements, such as exec(), passthru() or include().</translate> <translate><!--T:2--> This may lead to '''arbitrary code being run on your server''', among other things.</translate>}}}
|solution={{{solution|<translate><!--T:3--> Strictly validate user input and/or apply escaping to all characters that have a special meaning in executable statements.</translate>}}}
|signed={{{signed|{{{1||}}}}}}
|nocat=1
}}{{#if:{{{nocat|}}}||<includeonly>[[Category:Extensions with arbitrary execution vulnerabilities{{#translation:}}]]</includeonly>}}
| #default=
{{#invoke:Template translation|renderTranslatedTemplate|template=Template:Execution alert|noshift=1}}
}}<noinclude>
{{Documentation|content=
;Description
: Adds an alert box describing a [[w:Code_injection#Shell_injection|code injection]] vulnerability in including Extension page. Also adds including page to [[:Category:Extensions with arbitrary execution vulnerabilities]]
;Example
:<pre>{{Execution alert|~~~~}}</pre>
}}
[[Category:Alert templates{{#translation:}}|{{PAGENAME}}]]
[[Category:Categorizing templates{{#translation:}}|{{PAGENAME}}]]
[[Category:Extension templates{{#translation:}}|{{PAGENAME}}]]
</noinclude>