khime Posted February 19, 2007 Share Posted February 19, 2007 Hi guys I' ve been using this contribution now for a while and it is very good. (Apart from the fact that I cant seem to get the server-side cache to work :'( , nevermind) I have just been informed of a security risk by hackerguardian about a possible BLIND SQL injection techniques. The following URLs seem to be vulnerable to BLIND SQL injection techniques : /imagemagic.php?page=&h=200&img=images/XXXXXX.jpg&w=132+AND+1=1) An attacker may exploit this flaws to bypass authentication or to take the control of the remote database. Solution : Modify the relevant CGIs so that they properly escape arguments I have absolutley no idea how to modify the code in order to solve this security issue. Can anybody help with this matter? Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.