SaMz Posted August 10, 2007 Share Posted August 10, 2007 this is the cure!!: Open forum.php if($_GET['viewtopic'] and $_GET['act'] != 'quote') { $_GET['act']='viewtopic'; } replace with: if(is_numeric($_GET['viewtopic']) and $_GET['act'] != 'quote') { $_GET['act']='viewtopic'; } surely i am not going to give the sql injections u people gna F some games lol Quote Link to comment Share on other sites More sharing options...
SaMz Posted August 10, 2007 Author Share Posted August 10, 2007 Re: sql injection found for v1 and v2 in forums!! you will thank me for this :) Quote Link to comment Share on other sites More sharing options...
Decepti0n Posted August 11, 2007 Share Posted August 11, 2007 Re: sql injection found for v1 and v2 in forums!! Theres more... Quote Link to comment Share on other sites More sharing options...
SaMz Posted August 11, 2007 Author Share Posted August 11, 2007 Re: sql injection found for v1 and v2 in forums!! there are tons but to find one and share rather than sell is not being selfish right? Quote Link to comment Share on other sites More sharing options...
YoungGold Posted August 11, 2007 Share Posted August 11, 2007 Re: sql injection found for v1 and v2 in forums!! yeh thanx for posting it mate hope you find more Quote Link to comment Share on other sites More sharing options...
SaMz Posted August 11, 2007 Author Share Posted August 11, 2007 Re: sql injection found for v1 and v2 in forums!! you welcome :P Quote Link to comment Share on other sites More sharing options...
camster98 Posted August 21, 2007 Share Posted August 21, 2007 Re: sql injection found for v1 and v2 in forums!! dang it 54m2 u posted it before me. why not just use strip tags though? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.