[Koha-bugs] [Bug 1953] New: remove possible SQL injection attacks

koha-bugs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Koha-bugs] [Bug 1953] New: remove possible SQL injection attacks

From:	bugzilla-daemon
Subject:	[Koha-bugs] [Bug 1953] New: remove possible SQL injection attacks
Date:	Tue, 18 Mar 2008 13:16:06 -0700 (PDT)

http://bugs.koha.org/cgi-bin/bugzilla/show_bug.cgi?id=1953

           Summary: remove possible SQL injection attacks
           Product: Koha
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P3
         Component: Database
        AssignedTo: address@hidden
        ReportedBy: address@hidden
         QAContact: address@hidden


I've found a handful of SQL queries that don't use placeholders and bind
variables, but instead have variables passed directly into them. These may
allow SQL injection attacks. I plan on refactoring them so that they use
placeholders instead.




------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

[Prev in Thread]

Current Thread

[Next in Thread]

[Koha-bugs] [Bug 1953] New: remove possible SQL injection attacks, bugzilla-daemon <=

Prev by Date: [Koha-bugs] [Bug 1889] Virtual shelves leave blank field in staff intranet when BIB is deleted
Next by Date: [Koha-bugs] [Bug 1953] remove possible SQL injection attacks
Previous by thread: [Koha-bugs] [Bug 1949] Bibliographic Address isn't properly displayed on OPAC result page
Next by thread: [Koha-bugs] [Bug 1953] remove possible SQL injection attacks
Index(es):
- Date
- Thread