Call triggers vulnerability in function children()
389: ⇑ $this->children ($relativePath)
384: $relativePath = htmlspecialchars($_POST['path']);
requires:
385: if(isset($_SESSION[Filescontroller::FC_USERNAME]) && !is_null($folderName) && !is_null($relativePath))
382: ⇓ function createfolder()
What does the above error mean?
I assume that's because of the direct passing of $_POST['path']. You shouldn't do that; you need to properly validate/sanitize before passing it. htmlspecialchars will handle just one, but there are enormous vulnerabilities out there. - @code-jaff
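An added example, not code from the question or from the project it concerns: htmlspecialchars() only encodes HTML metacharacters, so a path value containing `..` passes through it unchanged. It assumes that children() uses $relativePath to reach files under a fixed base directory (the page does not show its body); resolveInsideBase() and the demo directory are hypothetical names, and the inputs are constructed.

```php
<?php
// Hypothetical helper: the name resolveInsideBase() and the demo paths are assumptions.
function resolveInsideBase(string $baseDir, string $relativePath): ?string
{
    // NUL bytes are never valid in a path; PHP 8 filesystem calls throw on them.
    if (strpos($relativePath, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() resolves "..", "." and symlinks, and returns false for a missing target.
    $target = realpath($base . DIRECTORY_SEPARATOR . $relativePath);
    if ($target === false) {
        return null;
    }
    // Containment: the resolved path must be the base itself or lie below it.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($target !== $base && strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

// Constructed demo tree under the system temp directory.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'fc_demo_' . bin2hex(random_bytes(4));
mkdir($base . DIRECTORY_SEPARATOR . 'docs', 0700, true);

// Constructed sample inputs standing in for $_POST['path'].
foreach (['docs', '.', '../', 'docs/../..', "docs\0x"] as $input) {
    $escaped = htmlspecialchars($input); // HTML encoding only; none of these inputs change
    $verdict = resolveInsideBase($base, $escaped) === null ? 'rejected' : 'accepted';
    printf("%-16s after htmlspecialchars: %-16s %s\n",
        json_encode($input, JSON_UNESCAPED_SLASHES),
        json_encode($escaped, JSON_UNESCAPED_SLASHES), $verdict);
}

rmdir($base . DIRECTORY_SEPARATOR . 'docs');
rmdir($base);
```

Because realpath() returns false for a path that does not exist yet, a caller that creates a new folder would resolve the parent directory this way and validate the new folder name separately.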