Jump to content
MakeWebGames

sql injection found for v1 and v2 in forums!!


SaMz

Recommended Posts

this is the cure!!:

Open forum.php

if($_GET['viewtopic'] and $_GET['act'] != 'quote') { $_GET['act']='viewtopic'; }

 

replace with:

if(is_numeric($_GET['viewtopic']) and $_GET['act'] != 'quote') { $_GET['act']='viewtopic'; }

 

surely i am not going to give the sql injections u people gna F some games lol

Link to comment
Share on other sites

  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...