From f98a59deb58d3c9c739f5b32de16472f6ef4a69c Mon Sep 17 00:00:00 2001
From: Aaron Carlino <unclecheese@leftandmain.com>
Date: Tue, 20 Aug 2019 21:45:29 +1200
Subject: [PATCH] [CVE-2019-12204]: install.php warning does not account for
 public dir

---
 code/Model/SiteTree.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/code/Model/SiteTree.php b/code/Model/SiteTree.php
index a94694f6..79751e08 100755
--- a/code/Model/SiteTree.php
+++ b/code/Model/SiteTree.php
@@ -2011,7 +2011,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
             );
         }
 
-        if (file_exists(BASE_PATH . '/install.php')) {
+        if (file_exists(PUBLIC_PATH . '/install.php')) {
             $fields->addFieldToTab('Root.Main', LiteralField::create(
                 'InstallWarningHeader',
                 '<div class="alert alert-warning">' . _t(