CX Command_Injection @ createaccount.php [master]

[cxronen]

Command_Injection issue exists @ createaccount.php in branch master

The application's <?php method calls an OS (shell) command with mail, at line 1 of createaccount.php, using an untrusted string with the command to execute.  
This could allow an attacker to inject an arbitrary command, and enable a Command Injection attack.
The attacker may be able to inject the executed command via user input, _POST, which is retrieved by the application in the <?php method, at line 1 of createaccount.php.

Severity: High

CWE:77

Checkmarx

Lines: 33 55 30

---

Code (Line #33):

	$email = isset($_POST["email"])?$_POST["email"]:"";

---

Code (Line #55):

				$emailmsg = "Please click the following link to activate your account.\n\n". $_SERVER["HTTP_REFERER"] ."?code=". $activationcode ."&username=". $desiredusername ."\n\nThank you!";

---

Code (Line #30):

	$desiredusername = isset($_POST["desiredusername"])?$_POST["desiredusername"]:"";

---

[cxronen]

Issue still exists.

[cxronen]

Issue still exists.

[cxronen]

Issue still exists.

[cxronen]

Issue still exists.

[cxronen]

Issue still exists.

[cxronen]

Issue still exists.

[cxronen]

Issue still exists.

[cxronen]

Issue still exists.