joseph-mudloff / pixie-cms

Automatically exported from code.google.com/p/pixie-cms

SQL Injection time based attack - EXPOSED #39

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
Attackers could inject SQL queries using a time-based attack, and administrative
hashes could be retrieved, which may compromise the entire system or application.

[+] URL P0C 

P0C: http://localhost/pixie_v1.04/?s=[SQL INJECTION]&m=permalink&x=my-first-post

Please sanitize the data input and this issue will be fixed.

Once it's done, I can ensure the issue is gone for good. 

Please advise.

Regards, 

Original issue reported on code.google.com by vinicius...@gmail.com on 7 Feb 2014 at 11:43
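
An added example, not part of the original report and not Pixie's own code: one way to handle the `s`, `m` and `x` query parameters from the URL above, with an allowlist check followed by a bound-parameter query. The `posts` table, its columns, the slug pattern, the helper names and the sample values are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumed rule: s, m and x are short slugs (letters, digits, hyphen, underscore).
const SLUG_RE = '/\A[a-z0-9_-]{1,64}\z/i';

// Hypothetical helper: returns the value only if it is a string matching the allowlist.
function clean_slug(array $query, string $key): ?string
{
    $value = $query[$key] ?? null;
    // Reject arrays (?s[]=...) and anything outside the allowlist pattern.
    if (!is_string($value) || preg_match(SLUG_RE, $value) !== 1) {
        return null;
    }
    return $value;
}

// Hypothetical lookup: fails closed, so no SQL is built from rejected input.
function find_post(PDO $db, array $query): ?array
{
    $s = clean_slug($query, 's');
    $m = clean_slug($query, 'm');
    $x = clean_slug($query, 'x');
    if ($s === null || $x === null || $m !== 'permalink') {
        return null;
    }
    // Values are bound, never concatenated, so they cannot change the SQL text.
    $stmt = $db->prepare('SELECT title FROM posts WHERE section = :s AND slug = :x');
    $stmt->execute([':s' => $s, ':x' => $x]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed demo data in an in-memory SQLite database (hypothetical schema).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (section TEXT, slug TEXT, title TEXT)');
$db->exec("INSERT INTO posts VALUES ('blog', 'my-first-post', 'My first post')");

// Constructed requests: well-formed, a value containing quotes, and an array value.
$requests = [
    ['s' => 'blog', 'm' => 'permalink', 'x' => 'my-first-post'],
    ['s' => "blog' OR '1'='1", 'm' => 'permalink', 'x' => 'my-first-post'],
    ['s' => ['blog'], 'm' => 'permalink', 'x' => 'my-first-post'],
];
foreach ($requests as $q) {
    $row = find_post($db, $q);
    echo json_encode($q['s']), ' => ', $row === null ? 'rejected / not found' : $row['title'], PHP_EOL;
}
```

The allowlist alone would stop the quoted value here, but the bound parameters are what keep the query safe if the slug rule is later loosened.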