hi folks!
security.php have a security hole!! don't panic..it's solved and ONLY vip
persons could inject sql code in aiki...
the hole was here..
$get_sides = explode("||", $inline_per);
...
get_group_level = $db->get_var ("SELECT group_level from " .
"aiki_users_groups where
group_permissions='$get_sides[0]'");
_______________________________________________
Mailing list: https://launchpad.net/~aikiframework-devel
Post to : [email protected]
Unsubscribe : https://launchpad.net/~aikiframework-devel
More help : https://help.launchpad.net/ListHelp
