Author Topic: [minor] SQL Injection possible when creating categories!  (Read 1105 times)

Offline auric

  • More than Newbie
  • *
  • Posts: 63
  • Thanked: 3 times
    • View Profile
When creating a new category, enter a name with a ' (quote) in it and save it.
It won't appear in the list, but Locus will generate an error log which gives away some nice SQL statements  :twisted:
« Last Edit: January 01, 1970, 01:00:00 by Guest »
LM Pro - LocusMap 4 🥇
 

Offline Menion

  • Locus team
  • Professor of Locus
  • *****
  • Posts: 12603
  • Thanked: 836 times
    • View Profile
    • http://www.asamm.com
  • Device: Pixel 5, A12
Re: [minor] SQL Injection possible when creating categories!
« Reply #1 on: May 28, 2011, 18:41:30 »
thank you, fixed
« Last Edit: January 01, 1970, 01:00:00 by Guest »
- Official help (ideas, questions, problems): help.locusmap.eu
- Advanced topics, sharing of knowledges: you're here!
- LM 4 Beta download, LM 4 final download