-
```
Try to read about SQL injections.
```
Original issue reported on code.google.com by `kepbauti...@gmail.com` on 9 May 2011 at 3:35
-
Some of the SQL statements are vulnerable to SQL injection. This happens when string concatenation is used and the SQL statement is not parameterized (for instance the saveContext function in service.…
-
There are _many_ SQL injection vectors on the website. A quick read of website/util.php makes that evident. Please read http://php.net/manual/en/security.database.sql-injection.php to learn how to fix…
-
```
There is no validation on the GET and POST parameters, which are used directly
in the SQL queries. Definitely dangerous...
```
Original issue reported on code.google.com by `ximarx@gmail.com` on 7…
-
Not sure if you're planning to maintain the site, but figured I'd report the following parameters vulnerable to SQL injection:
`/profile.php?id=` and `/search.php?location=emails&query=`
Payloads you…
-
Here's the URL that ZAP is testing for SQLi:
```
https://website.com/Search?serviceInstance=+AND+1%3D1+--+&ID=1&serviceInstanceParameter=&WorklistRequest=true
```
and the response contains 302 to lo…
-
# Problem
Danger of SQL injection in the rest.php code, because input from the user (via POST) can contain SQL queries. All queries that need input from the user **must be filtered**.
How to fix it…
-
Column sorting variables should use a switch statement to make sure they're valid.
Just skimming, and e.g.
in: controllers/invoice.php
$data['invoices'] = $this->invoice_model->select_multiple($this-…
-
@Cam please check the file for sql