elijaa · slawomir-pryczek · Oct 5, 2017 · Oct 6, 2017 · Oct 10, 2017 · Oct 10, 2017
diff --git a/Library/Bootstrap.php b/Library/Bootstrap.php
@@ -4,7 +4,7 @@
 header('Cache-Control: no-cache, must-revalidate');
 
 # Constants declaration
-define('CURRENT_VERSION', '1.3.0');
+define('CURRENT_VERSION', '1.3.1');
 
 # PHP < 5.3 Compatibility
 if (defined('ENT_IGNORE') === false) {

diff --git a/Library/Data/Analysis.php b/Library/Data/Analysis.php
@@ -82,6 +82,14 @@ public static function diff($array, $stats)
             if (isset($array[$key]) && ! in_array($key, static::NON_ADDITIVE)) {
                 $stats[$key] = $value - $array[$key];
             }
+
+            # Make sure we're dealing with a real number
+            $v = $array[$key];
+            if (!is_float($v) && !is_int($v)) {
+                continue;
+            }
+
+            $stats[$key] = $value - $v;
         }
 
         return $stats;

diff --git a/README.md b/README.md
@@ -1,5 +1,7 @@
 # PHPMemcachedAdmin #
 
+PHPMemcachedAdmin contains critical security bug (up to, and including v 1.3.0) which allows for remote code execution. Version 1.3.1 has this security exploit fixed.
+
 ### Graphic stand-alone administration for memcached to monitor and debug purpose ###
 
 This program allows to see in **real-time** (top-like) or from the start of the server, **stats for get, set, delete, increment, decrement, evictions, reclaimed, cas command**, as well as **server stats** (network, items, server version) with googlecharts and  **server internal configuration**
@@ -45,4 +47,4 @@ Unzip/Untar & Give files permissions
 
 You have to give **Read & Execute right to all files**, and **Read, Write & Execute to configuration files and temporary directory**.
 
-More information in https://blog.elijaa.org/phpmemcachedadmin-installation-guide/
+More information in https://blog.elijaa.org/phpmemcachedadmin-installation-guide/
diff --git a/stats.php b/stats.php
@@ -50,7 +50,13 @@
     # Cleaning temporary directory
     $files = glob($_ini->get('file_path') . '*', GLOB_NOSORT);
     foreach ($files as $path) {
-        # Getting file last modification time
+
+        # Only delete files which were created by us
+        if (strpos($path, ".mcatmp.txt") === false || strpos($path, "live_stats") === false) {
+            continue;
+        }
+
+    	# Getting file last modification time
         $stats = @stat($path);
 
         # Deleting file older than 24 hours
@@ -69,6 +75,11 @@
     $live_stats_id = $_COOKIE['live_stats_id' . $hash];
 }
 
+# Prefix the file to not allow setting custom extension via cookie 
+# https://rstforums.com/forum/topic/85493-phpmemcachedadmin-122-remote-code-execution/
+$live_stats_id = str_replace(chr(0), "", $live_stats_id);
+$live_stats_id = "{$live_stats_id}.mcatmp.txt";
+
 # Live stats dump file
 $file_path = rtrim($_ini->get('file_path'), '/') . DIRECTORY_SEPARATOR . 'live_stats.' . $live_stats_id;