SaMz Posted August 10, 2007 Posted August 10, 2007 this is the cure!!: Open forum.php if($_GET['viewtopic'] and $_GET['act'] != 'quote') { $_GET['act']='viewtopic'; } replace with: if(is_numeric($_GET['viewtopic']) and $_GET['act'] != 'quote') { $_GET['act']='viewtopic'; } surely i am not going to give the sql injections u people gna F some games lol Quote
SaMz Posted August 10, 2007 Author Posted August 10, 2007 Re: sql injection found for v1 and v2 in forums!! you will thank me for this :) Quote
Decepti0n Posted August 11, 2007 Posted August 11, 2007 Re: sql injection found for v1 and v2 in forums!! Theres more... Quote
SaMz Posted August 11, 2007 Author Posted August 11, 2007 Re: sql injection found for v1 and v2 in forums!! there are tons but to find one and share rather than sell is not being selfish right? Quote
YoungGold Posted August 11, 2007 Posted August 11, 2007 Re: sql injection found for v1 and v2 in forums!! yeh thanx for posting it mate hope you find more Quote
SaMz Posted August 11, 2007 Author Posted August 11, 2007 Re: sql injection found for v1 and v2 in forums!! you welcome :P Quote
camster98 Posted August 21, 2007 Posted August 21, 2007 Re: sql injection found for v1 and v2 in forums!! dang it 54m2 u posted it before me. why not just use strip tags though? Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.