Hi,
There is a sql injection bug in PostNuke 0.762 admin section (and maybe
before versions) .
The "hits" parameter is not checked properly before be used in sql query :
File /modules/Downloads/admin.php, Line 1586 :
:: $dbconn->Execute("INSERT INTO $downtable
:: ($colum...
There is a sql injection bug in PostNuke 0.762 admin section (and maybe
before versions) .
The "hits" parameter is not checked properly before be used in sql query :
File /modules/Downloads/admin.php, Line 1586 :
:: $dbconn->Execute("INSERT INTO $downtable
:: ($colum...
[ more ]