rkhous / CSPM

Crowd-Sourced PokeMap for Monocle
MIT License
11 stars, 13 forks

CSPM trivially vulnerable to SQL injection #1

Closed bmenrigh closed 6 years ago

bmenrigh commented 6 years ago

The DB queries / inserts just use simple string concatenation and introduce SQL injection vulnerabilities. For example: `cursor.execute("SELECT id FROM forts WHERE NAME LIKE '" + str(arg) + "%';")`

You should consider moving to parameterized queries. See https://stackoverflow.com/questions/775296/python-mysql-parameterized-queries for some examples of how to do this.
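As an added illustration (not code from the CSPM project), the concatenated LIKE query quoted in the comment above sits next to a parameterized version, both run against a constructed in-memory SQLite table; sqlite3's `?` placeholder stands in for the `%s` style used by the MySQL drivers in the linked answer. The `forts` rows and the inputs are constructed here, and the parameterized version also escapes LIKE wildcards, which placeholders alone do not neutralise.

```python
import sqlite3


def make_db():
    # Constructed fixture standing in for the project's forts table (not its real schema).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE forts (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO forts (name) VALUES (?)",
                     [("Central Park",), ("Central Station",), ("Harbor Gym",)])
    return conn


def find_forts_concat(conn, arg):
    # The pattern from the issue: the caller's value is spliced into the SQL text,
    # so quotes and comment markers in it are parsed as SQL.
    cursor = conn.cursor()
    cursor.execute("SELECT id FROM forts WHERE name LIKE '" + str(arg) + "%';")
    return sorted(row[0] for row in cursor.fetchall())


def find_forts_param(conn, arg):
    # Hardened form: the value travels to the driver separately from the statement and
    # can only ever be compared as data. LIKE metacharacters are escaped as well so a
    # prefix search stays a prefix search (a placeholder does not do that for you).
    escaped = (str(arg).replace("\\", "\\\\")
                       .replace("%", "\\%")
                       .replace("_", "\\_"))
    cursor = conn.cursor()
    cursor.execute("SELECT id FROM forts WHERE name LIKE ? ESCAPE '\\';",
                   (escaped + "%",))
    return sorted(row[0] for row in cursor.fetchall())


if __name__ == "__main__":
    db = make_db()
    for value in ("Central", "' OR 1=1 --", "Central_"):
        print(repr(value), find_forts_concat(db, value), find_forts_param(db, value))
```

For a normal prefix both functions agree; for a quote-bearing or wildcard-bearing input the concatenated query's result set changes while the parameterized one still matches only literal prefixes.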

rkhous commented 6 years ago

Switched over to parameterized queries.