FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum Development » Bug Reports » Icon bug.
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: SQL buggy. [message #13961 is a reply to message #13947] Sat, 01 November 2003 20:07 Go to previous messageGo to previous message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma:
Senior Member
Administrator
Core Developer
Xodnizel wrote on Sat, 01 November 2003 13:19

Another SQL injection vulnerability in the upload feature:

If you upload a file as an attachment, save the page, and manipulate the value of the "file_array" element(make a new array, serialize, base 64 encode), you can insert an unescaped statement at the end of another SQL statement.

Example file_array element setting:

YToxOntpOjI1O3M6MTI6IjE7KTAwJ2wnbCcoIiI7fQ==

Will should cause an error to be entered in the fudforum error log, which you can see to verify the problem exists.


I've added additional checks, but the problem is actually less serious, only the key value is used, the value is not used in SQL.


FUDforum Core Developer
[Message index]
 
Read Message
Read Message
Read Message
Read Message icon10.gif
Read Message " alt="icon10.gif">" />
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Cant login!!
Next Topic: Broken Links with pathinfo 2.6.0RC2
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Nov 07 21:38:58 GMT 2024

Total time taken to generate the page: 0.04142 seconds