Lawrence Osiris DB_eSession Class SQL Injection Vulnerability

Solution:
It has been suggested that the following line of code will fix the vulnerability. Symantec has not confirmed the integrity of this patch.

/* add this code at line 1092 of the DB_eSession class file */

$_sess_id_set = ( empty($_sess_id_set) ) ? NULL: addslashes($_sess_id_set);
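An alternative to escaping the session ID, shown as an added example that is not code from the advisory or from DB_eSession: validate the ID against a strict format and pass it to the database as a bound parameter, so the value never becomes part of the SQL text. The `sessions` table, its columns, the 32-hex-character ID format and the function names are assumptions, and an in-memory SQLite database (PDO) stands in for the project's own database layer.

```php
<?php
// Added example. Table/column names and the ID format are assumptions,
// not taken from DB_eSession.

/** Return the session ID if it matches the expected format, else null. */
function clean_session_id($raw): ?string
{
    // \A and \z anchor the whole string; a trailing newline is not accepted.
    if (!is_string($raw) || !preg_match('/\A[0-9a-f]{32}\z/', $raw)) {
        return null;
    }
    return $raw;
}

/** Look up session data with a bound parameter instead of string concatenation. */
function load_session(PDO $db, $raw_id): ?string
{
    $id = clean_session_id($raw_id);
    if ($id === null) {
        return null; // rejected before any query is issued
    }
    $stmt = $db->prepare('SELECT data FROM sessions WHERE sess_id = :id');
    $stmt->execute([':id' => $id]);
    $data = $stmt->fetchColumn();
    return $data === false ? null : $data;
}

// Constructed demo data in an in-memory SQLite database (requires pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE sessions (sess_id TEXT PRIMARY KEY, data TEXT)');
$valid = str_repeat('ab', 16); // constructed 32-character ID
$db->prepare('INSERT INTO sessions (sess_id, data) VALUES (?, ?)')
   ->execute([$valid, 'user=alice']);

// Constructed inputs: a well-formed known ID, then malformed or unknown ones.
$samples = [$valid, strtoupper($valid), $valid . "'", '', ['x'], str_repeat('0', 32)];
foreach ($samples as $sample) {
    $result = load_session($db, $sample);
    printf("%s => %s\n", json_encode($sample), $result ?? 'rejected or not found');
}
```

Only the first sample returns session data; the malformed values are rejected by the format check and the well-formed but unknown ID matches no row.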



 

Copyright 2010, SecurityFocus