| Author |
Message |
saahov
Member
|
Posted: 23 Sep 2005 20:29:20 ° Edited by: saahov
When in a category the reference to popular search inquiries, its kind such is displayed: =URL&search_type[]=Title&search_type[]=Description.html]http://test.ru /catalog/test/search_url=test&search_type[]=URL&search_t ype[]=Title&search_type[]=Description.html
If to substitute in [] any sign there is a mistake of MySQL syntax. Means quite possibly, that it is possible to use an SQL injection. What ideas will be?
|
skalinks
Admin
|
Posted: 24 Sep 2005 07:01:27
Ok, thank you for your note, but I think, that it is imposible for mysql injection, but , of course, it is the mistake, which I will correct.
Thank you!
|
saahov
Member
|
Posted: 25 Sep 2005 17:14:48
Inform me on e-mail (saahov[]gmail.com), please, when the mistake will be eliminated
|
|
