Re: Protector and Debaser ,SQL injection
List posts in the topic
Re: Protector and Debaser ,SQL injection
msg# 1.1
hi onasre.
It looks just a typical SQL Injection.
Of course, it is the best way that the author fixes it.
But almost threats from SQL Injection can be excluded by Protector's setting.
1) rename prefix other than "xoops"
2) set "Action if an isolated comment-in is found" sanitizing or upper.
3) set "Action if a UNION is found" sanitizing or upper.
Votes:0
Average:0.00
Posts tree