[Plugin: Sharebar] A Few Bugs Including SQL Injection Exploit
Just FYI, there are some bugs I pointed out in the cevhershare port of your plugin which are not addressed in your latest version. Sorry, I know you don’t like cevhershare but I didn’t know about your plugin until recently so I posted my fixes there. Also, in sharebar-admin.php, it is easy to perform an SQL injection attack when the code captures the ‘id’ value from GET and POST. You may want to copy the cevhershare fix for that. See http://www.exploit-db.com/exploits/17891/ for the exploit.
- The topic ‘[Plugin: Sharebar] A Few Bugs Including SQL Injection Exploit’ is closed to new replies.