Security threats


I am using a premium version of jetpack and 2 threaths have been detected in dolibarr:

Threat number 1: File contains malicious code: card.php

Threat found (php_suspicious_variable_function_009)

  • Concerned file: …compta/bank/various_payment/card.php
  • Concerned code: if ($action === ‘clone’) {
    $set_value_help = $form->textwithpicto(’’, $langs->trans($langs->trans(“AccountingDirectionHelp”)));
    $sensarray = array(‘0’ => $langs->trans(“Debit”), ‘1’ => $langs->trans(“Credit”));

Threat number 2: File contains malicious code: security_other.php

Threat found (php_suspicious_variable_function_009)

  • concerned file: … /admin/security_other.php
  • concerned code:
    } else {
    $desc = $form->textwithpicto(’’, $langs->transnoentities(“EnableGDLibraryDesc”), 1, ‘warning’);
    print $desc;

Do you have any idea please how to fix these threats?


As far as I can tell these are false positives.
Theres is no user input that could pose a security risk

1 Like

Thanks for your reply. For both of them?

yes, both are no negative security wise