timgws / QueryBuilderParser

A simple to use query builder for the jQuery QueryBuilder plugin for use with Laravel.
MIT License
159 stars, 65 forks

SQL Injection Bypass #56

Closed TheMrSeven closed 2 years ago

TheMrSeven commented 2 years ago

Hello! I found that there's a SQLi bypass in your code. The method validateCondition in QBPFunctions.php validates "And, or" inputs, but it only works for createNestedQuery of the class QueryBuilderParser.php. For a non-nested query that validation does not occur, so the request is sent to the DB without the valid input. So an attacker can send the payload instead of the "And, Or" function with non-nested queries.

Can you solve this, please? Thanks in advance. Have a great day!

timgws commented 2 years ago

Could you please provide an example to me with a request that would cause a non-valid input to be sent to the database? This will help with both tracking down the issue, and also adding a unit test so it can be avoided in future releases.
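
One way to close the gap described in this issue, as an added example that is not code from QueryBuilderParser: check the `condition` of the top-level group and of every nested group against an allowlist before any query is built. The function names and the sample rule sets are hypothetical and constructed for illustration; the JSON layout is the `condition`/`rules` shape that jQuery QueryBuilder emits.

```php
<?php
// Added example; assertCondition() and validateGroup() are hypothetical names.
const ALLOWED_CONDITIONS = ['AND', 'OR'];

// Return the normalised condition, or throw if it is not exactly AND / OR.
function assertCondition($condition): string
{
    if (!is_string($condition)) {
        throw new InvalidArgumentException('condition must be a string');
    }
    $normalised = strtoupper(trim($condition));
    if (!in_array($normalised, ALLOWED_CONDITIONS, true)) {
        throw new InvalidArgumentException('condition must be AND or OR');
    }
    return $normalised;
}

// Validate the condition on this group and on every nested group, so the
// flat (non-nested) path gets the same check as the nested one.
function validateGroup(array $group): array
{
    if (!isset($group['rules']) || !is_array($group['rules'])) {
        throw new InvalidArgumentException('group has no rules array');
    }
    // Only the allowlisted literal is stored and later used to build SQL.
    $group['condition'] = assertCondition($group['condition'] ?? null);
    foreach ($group['rules'] as $i => $rule) {
        if (is_array($rule) && isset($rule['rules'])) {
            $group['rules'][$i] = validateGroup($rule);
        }
    }
    return $group;
}

// Constructed sample rule sets: two valid, two with a non-allowlisted condition.
$samples = [
    'flat'       => '{"condition":"and","rules":[{"field":"name","operator":"equal","value":"a"}]}',
    'nested'     => '{"condition":"OR","rules":[{"condition":"AND","rules":[]}]}',
    'flat-bad'   => '{"condition":"XOR","rules":[{"field":"name","operator":"equal","value":"a"}]}',
    'nested-bad' => '{"condition":"AND","rules":[{"condition":"XOR","rules":[]}]}',
];
foreach ($samples as $name => $json) {
    try {
        validateGroup(json_decode($json, true));
        echo "$name: accepted", PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo "$name: rejected (", $e->getMessage(), ")", PHP_EOL;
    }
}
```

The `flat-bad` sample is the case a unit test for this issue would cover: a single-level rule set whose condition is not in the allowlist must be rejected before it reaches the query builder.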