Perhaps I have missed something; but there doesn’t seem to be any kind of input sanitisation going on. If you look at the
itsas_search()functions, it seems that the SQL queries are being constructed WITHOUT any safe-guards against SQL injection attacks.
No where is
mysql_real_escape_string()called. If no sanitisation is present, this represents a massive security problem for the plugin users.
- The topic ‘[Plugin: Search Light] Potential for SQL Attacks’ is closed to new replies.