FUDforum: Bug Reports

Home » FUDforum Development » Bug Reports » Icon bug.

Show: Today's Messages :: Polls :: Message Navigator

Re: SQL buggy. [message #13953 is a reply to message #13945]

Sat, 01 November 2003 19:05

Ilia

Messages: 13241
Registered: January 2002

Karma:

Senior Member
Administrator
Core Developer

Xodnizel wrote on Sat, 01 November 2003 12:35

In 2.5.3RC3, at least, there is a *sql insertion bug in the merge thread(and probably split thread, as well) feature.

The problem is in the handling of the sel_th[] form element.

I don't know if it's exploitable or not, but you'd need to be a moderator(or an admin, but that's sort of pointless then) to see the bug.

Addressed. Mind you it is even if you were to inject some stuff into MySQL nothing would happen. And like you said you'd need to be a priveledged user already.

FUDforum Core Developer

Report message to a moderator

[Message index]

		Icon bug. By: Xodnizel on Sat, 01 November 2003 05:49
		Re: Icon bug. By: Xodnizel on Sat, 01 November 2003 05:55
		Re: Icon bug. By: Ilia on Sat, 01 November 2003 19:01
		Re: Icon bug. By: Xodnizel on Sat, 01 November 2003 19:07
	" alt="icon10.gif">" />	Re: Icon bug. By: Xodnizel on Sat, 01 November 2003 19:08
		Re: Icon bug. By: Xodnizel on Sat, 01 November 2003 06:12
		SQL buggy. By: Xodnizel on Sat, 01 November 2003 17:35
		Re: SQL buggy. By: Xodnizel on Sat, 01 November 2003 18:19
		Re: SQL buggy. By: Ilia on Sat, 01 November 2003 20:07
		Re: SQL buggy. By: Ilia on Sat, 01 November 2003 19:05
		Re: Icon bug. By: AzaToth on Sat, 01 November 2003 18:22
		Re: Icon bug. By: Ilia on Sat, 01 November 2003 19:14
		Re: Icon bug. By: Xodnizel on Sat, 01 November 2003 20:51
		Re: Icon bug. By: Ilia on Sat, 01 November 2003 20:59

Previous Topic:	Cant login!!
Next Topic:	Broken Links with pathinfo 2.6.0RC2

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Thu Nov 28 05:56:53 GMT 2024

Total time taken to generate the page: 0.05038 seconds