[Koha-bugs] [Bug 15760] New: sql injection in poac-shelves.pl
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Feb 8 17:03:06 CET 2016
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15760
Bug ID: 15760
Summary: sql injection in poac-shelves.pl
Change sponsored?: ---
Product: Koha
Version: 3.22
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P5 - low
Component: Database
Assignee: gmcharlt at gmail.com
Reporter: hblancoca at gmail.com
QA Contact: testopia at bugs.koha-community.org
In a security analisys with accunetix software can detect that opac-shelves.pl
permit sql injection attack, an example can be the following:
URL encoded GET input sortfield was set to
if(now()=sysdate(),sleep(0),0)/*'XOR(if(now()=sysdate(),sleep(0),0))OR'"XOR(if(now()=sysdate(),sleep(0),0))OR"*/
URL encoded GET input sortfield was set to 1,(select case when (3*2*1=6 AND
000227=000227) then 1 else 1*(select
table_name from information_schema.tables)end)=1
I believe that is needed to sanitize all variables in that script.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list