search

pihome-shc / pihome

PiHome - Smart Heating, Ventilation and Air Conditioning (HVAC)
http://www.pihome.eu
Other
55 stars 25 forks source link

This line will get you PWNED #459

Open JamesJansson opened 3 months ago

JamesJansson commented 3 months ago

https://github.com/pihome-shc/pihome/blob/cf06621c6c645ee69a89bd7a9e247e4dd9f1130d/ajax.php#L473

If someone sets id to some SQL commands they can basically own your whole DB.