search

rembo10 / headphones

Automatic music downloader for SABnzbd
GNU General Public License v3.0
3.35k stars 603 forks source link

SQL Injection in headphones/webserve.py #3245

Open imanoracle opened 4 years ago

imanoracle commented 4 years ago

Hello,

There is a chance for SQL injection here. In getArtists_json function, parameter name is sSearch.

Best, Iman