lets-software / lets

A content management system catering to a local LETS. A full-featured suite of tools to transact, communicate and meet with your community. Submit articles and events, make comments, create auctions and much more!
http://www.lets-software.net/
GNU General Public License v2.0

Security issue in admin_lets_tools.php #11

Open lets-software opened 9 years ago

lets-software commented 9 years ago

There is an SQL injection vulnerability at lines 109, 119 and 122.

Not critical, as only admin users have access to that page.

lets-software commented 9 years ago

We need to implement PDO prepared statements to prevent this.