Ticket #510 (closed defect: fixed)

Opened 20 months ago

Last modified 20 months ago

SQL injection in ajax.php

Reported by: reporter Owned by: mbonetti
Priority: normal Milestone:
Component: BUGS Version:
Severity: normal Keywords:
Cc:

Description

There are several unsanitized SQL queries in ajax.php (e.g. expsetState or expgetFeedContent functions), exploitation is trivial (email me for PoC), SQL and script-injection possible.

~kuze

PS: Hey mbi ;)

Change History

Changed 20 months ago by mbonetti

Email sent and working on it. Hey, Kuze sir, ltns :)

Changed 20 months ago by mbonetti

  • status changed from new to closed
  • resolution set to fixed

should be fine

Note: See TracTickets for help on using tickets.