There is an SQL injection in the tag-adding function; its location is /dapur/apps/app_article/sys_article.php.
No filter has been applied to `$_POST['name']`:
```php
if(isset($_POST['add_tag']) or isset($_POST['save_tag'])){
    $t = striptags($_POST['name']);
    if(!empty($t)) {
        // striptags() does not neutralise quote characters; the raw value goes into the INSERT
        $qr=$db->insert(FDBPrefix.'article_tags',array("",striptags($_POST['name']),striptags($_POST['desc']),""));
        if($qr AND isset($_POST['save_tag'])){
            notice('success',Tag_Added);
            redirect('?app=article&view=tag');
        } else if($qr){
            $sql2 = $db->select(FDBPrefix.'article_tags','*','','id DESC');
            $qrs = $sql2[0];
            notice('success',Tag_Added);
            redirect("?app=article&view=tag&act=edit&id=$qrs[id]");
        } else {
            notice('error',Tag_Exists,2);
        }
    } else {
        notice('error',Status_Invalid,2);
    }
}
```
In the database insert function there is no filter either; just add a couple of `"` beside the tag name. So whenever we update or add a tag name, there is an SQL injection.

URL: /fiyo/dapur/index.php?app=article&view=tag&act=edit&id=79
DATA: apply_tag=Simpan&id=79&name=1%22or%221&desc=1

We need an account to do this.

Discoverer: Chaitin Technology
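The following is an added example to illustrate the report; it is neither the reporter's nor Fiyo CMS's code. It first shows how a `name` value of `1"or"1` lands in an INSERT that is built by wrapping values in double quotes, then a hardened replacement using a PDO prepared statement. The PDO connection `$pdo`, the column names `name`/`description`, and PHP's built-in `strip_tags()` standing in for the project's `striptags()` helper are all assumptions made for the example.

```php
<?php
// Added example, not Fiyo CMS code. Assumes a PDO connection $pdo and a
// table <prefix>article_tags with columns (name, description); those
// column names are assumptions for illustration.

// Mirrors the reported behaviour: values are stripped of HTML tags and then
// wrapped in double quotes, so quote characters in the input become SQL.
// Shown for demonstration only; do not use this pattern.
function unsafeInsertSql(string $prefix, string $name, string $desc): string
{
    $name = strip_tags($name);
    $desc = strip_tags($desc);
    return 'INSERT INTO ' . $prefix . 'article_tags VALUES ("", "' . $name . '", "' . $desc . '", "")';
}

// With $name = '1"or"1' and $desc = '1' this produces
//   INSERT INTO fiyo_article_tags VALUES ("", "1"or"1", "1", "")
// which MySQL parses as the expression "1" OR "1", not as literal text.

// Hardened form: validate the input, bind it as a parameter so the database
// never parses it as SQL, and read the new id from the driver instead of
// re-selecting the newest row.
function safeInsertTag(PDO $pdo, string $prefix, string $name, string $desc): int
{
    $name = trim(strip_tags($name));
    $desc = trim(strip_tags($desc));
    if ($name === '' || strlen($name) > 100) {
        throw new InvalidArgumentException('invalid tag name');
    }
    // Identifiers cannot be bound. The prefix comes from configuration, never
    // from the request, and is still restricted to a safe character set.
    if (!preg_match('/^[A-Za-z0-9_]*$/', $prefix)) {
        throw new InvalidArgumentException('invalid table prefix');
    }
    $stmt = $pdo->prepare(
        'INSERT INTO `' . $prefix . 'article_tags` (name, description) VALUES (:name, :desc)'
    );
    $stmt->execute([':name' => $name, ':desc' => $desc]);
    return (int) $pdo->lastInsertId();
}

// Constructed usage from a handler that has already checked the session:
// $id = safeInsertTag($pdo, FDBPrefix, $_POST['name'] ?? '', $_POST['desc'] ?? '');
```

Binding the values also removes the need for the `SELECT ... ORDER BY id DESC` that the original handler uses to find the row it just inserted, which can return another user's row under concurrent requests; `lastInsertId()` is tied to the current connection.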