[Plugin: Sharebar] A Few Bugs Including SQL Injection Exploit
Just FYI, there are some bugs I pointed out in the cevhershare port of your plugin which are not addressed in your latest version. Sorry, I know you don’t like cevhershare but I didn’t know about your plugin until recently so I posted my fixes there. Also, in sharebar-admin.php, it is easy to perform an SQL injection attack when the code captures the ‘id’ value from GET and POST. You may want to copy the cevhershare fix for that. See https://www.exploit-db.com/exploits/17891/ for the exploit.
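The post does not quote the affected lines, so the following is an added example, not code from Sharebar or cevhershare: it shows the pattern described (a request `id` pasted into SQL text) beside a validated, bound form. The table, rows and function names are constructed, and PDO with in-memory SQLite is an assumption made so the example runs outside WordPress; inside a plugin the equivalent fix is `absint()` on the value plus `$wpdb->prepare()` with a `%d` placeholder.

```php
<?php
// Added example. Table name, columns and rows are constructed for illustration.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE buttons (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO buttons (name) VALUES ('twitter'), ('facebook'), ('email')");

// Pattern described in the post: the request value is concatenated into the
// SQL text, so anything after the number becomes part of the statement.
function delete_button_unsafe(PDO $db, string $id): int {
    return $db->exec("DELETE FROM buttons WHERE id = $id");
}

// Hardened form: accept only a positive decimal integer, then bind it as a
// typed parameter so the value can never be parsed as SQL.
function delete_button_safe(PDO $db, $raw): int {
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $stmt = $db->prepare('DELETE FROM buttons WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Simulated $_GET/$_POST values (constructed): a valid id, a value carrying
// extra SQL, an array (as sent by id[]=1), and an empty string.
$requests = ['2', '1 OR 1=1', ['1'], ''];
foreach ($requests as $raw) {
    try {
        $n = delete_button_safe($db, $raw);
        echo json_encode($raw), " -> deleted $n row(s)\n";
    } catch (InvalidArgumentException $e) {
        echo json_encode($raw), " -> rejected: ", $e->getMessage(), "\n";
    }
}

// The same constructed value through the unsafe path matches every remaining row.
echo "unsafe path deleted ", delete_button_unsafe($db, '1 OR 1=1'), " row(s)\n";
```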