NEOCROME
Bug :SQL injection in PM
Status :Fixed
Severity :Serious
Reporter :Trustmaster 20-04-2008 12:55
Updated by :Olivier C. 26-05-2008 22:18
CategoryPrivate messages
Version :121
Frequency :Consistently
Fixed in :125
Details :See description and bugfix here: SQL injection in PM.
Items affected :system/core/pm/pm.send.inc.php

History and comments :

26-05-2008 22:18   Olivier C.

PM sent to the reporter :
This bug is now fixed.

21-05-2008 09:51   Olivier C.

Quote



1. Open system/core/pm/pm.send.inc.php, line ~63, find:

Code:
foreach($touser_src as $k => $i)
{ $touser_sql[] = "'".trim(sed_import($i, 'D', 'TXT'))."'"; }

2. Replace with:
Code:
foreach($touser_src as $k => $i)
{ $touser_sql[] = "'".sed_sql_prep(trim(sed_import($i, 'D', 'TXT')))."'"; }


21-05-2008 09:51   Olivier C.

PM sent to the reporter :
Submission validated -> Thanks for your help !