[buddypress-trac] [BuddyPress] #1223: Filters are often used in SQL without proper quote escaping (possible injection vulnerability)
buddypress-trac at lists.automattic.com
buddypress-trac at lists.automattic.com
Sun Oct 18 21:20:14 UTC 2009
#1223: Filters are often used in SQL without proper quote escaping (possible
injection vulnerability)
---------------------------------------+------------------------------------
Reporter: rvenable | Owner:
Type: defect | Status: new
Priority: critical | Milestone: 1.1.2
Keywords: sql injection, needs-patch |
---------------------------------------+------------------------------------
Changes (by DJPaul):
* keywords: sql injection => sql injection, needs-patch
Comment:
Good catch with the like_escape.
--
Ticket URL: <http://trac.buddypress.org/ticket/1223#comment:2>
BuddyPress <http://buddypress.org/>
BuddyPress
More information about the buddypress-trac
mailing list