Opened 3 years ago
SQL injection vulnerability
|Reported by:|marcelinha26|Owned by:|vinoj.cardoza|
|Plugin:|not-listed|Keywords:|sql injection, ajax search box|
This plugin suffers from a SQL injection in the srch_txt text field because it is not well sanitized. It only uses the stripslashes function, which does not prevent the SQL injection at all.
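The pattern the ticket describes, next to a parameterized form, as an added example that is not the plugin's code or part of the original report. Assumptions: the `posts` table, the function names `search_concat` and `search_bound`, and the sample input are constructed, and an in-memory SQLite database via PDO stands in for the WordPress database so the script runs on its own.

```php
<?php
// Added illustration: constructed table and input, not the plugin's code.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT)");
$db->exec("INSERT INTO posts (title) VALUES ('O''Reilly book review'), ('Hello world')");

// WordPress adds slashes to request data, so a handler sees O\'Reilly here.
$_POST['srch_txt'] = "O\\'Reilly"; // constructed search term

// Pattern from the ticket: stripslashes(), then string concatenation.
function search_concat(PDO $db, string $raw): string {
    $term = stripslashes($raw); // removes the backslash, leaving a bare apostrophe
    $sql  = "SELECT title FROM posts WHERE title LIKE '%" . $term . "%'";
    try {
        return implode(', ', $db->query($sql)->fetchAll(PDO::FETCH_COLUMN));
    } catch (PDOException $e) {
        // The apostrophe closed the string literal, so the rest of the
        // search term was parsed as SQL instead of data.
        return 'query structure changed by input: ' . $e->getMessage();
    }
}

// Hardened form: the value is bound as a parameter and never parsed as SQL.
function search_bound(PDO $db, string $raw): string {
    $term = stripslashes($raw);
    // Escape LIKE wildcards so % and _ in the term match literally.
    $like = '%' . addcslashes($term, '\\%_') . '%';
    $stmt = $db->prepare("SELECT title FROM posts WHERE title LIKE ? ESCAPE '\\'");
    $stmt->execute([$like]);
    return implode(', ', $stmt->fetchAll(PDO::FETCH_COLUMN));
}

echo search_concat($db, $_POST['srch_txt']), PHP_EOL; // reports a SQL parse error
echo search_bound($db, $_POST['srch_txt']), PHP_EOL;  // lists the matching title
```

Inside a WordPress plugin the same fix is written with `$wpdb->prepare()` and `$wpdb->esc_like()` rather than PDO.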