[Bug 15760] New: sql injection in poac-shelves.pl
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15760 Bug ID: 15760 Summary: sql injection in poac-shelves.pl Change sponsored?: --- Product: Koha Version: 3.22 Hardware: All OS: All Status: NEW Severity: critical Priority: P5 - low Component: Database Assignee: gmcharlt@gmail.com Reporter: hblancoca@gmail.com QA Contact: testopia@bugs.koha-community.org In a security analisys with accunetix software can detect that opac-shelves.pl permit sql injection attack, an example can be the following: URL encoded GET input sortfield was set to if(now()=sysdate(),sleep(0),0)/*'XOR(if(now()=sysdate(),sleep(0),0))OR'"XOR(if(now()=sysdate(),sleep(0),0))OR"*/ URL encoded GET input sortfield was set to 1,(select case when (3*2*1=6 AND 000227=000227) then 1 else 1*(select table_name from information_schema.tables)end)=1 I believe that is needed to sanitize all variables in that script. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15760 Humberto Blanco <hblancoca@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|sql injection in |sql injection in |poac-shelves.pl |opac-shelves.pl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15760 Jacek Ablewicz <abl@biblos.pk.edu.pl> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |abl@biblos.pk.edu.pl -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org