Follow-up Comment #3, sr #111093 (group administration): Hi Bob, thank you for reaching out to me.
I marked the ticket as disclosure because I am able to see the structure of
the users table and the actual SQL query being executed.
In my opinion users should not be able to see the raw queries, or database
structure. Or any raw error messages/stack traces in general.
Having this query disclosed I could try to do blind SQL injections by sending
data like '; DROP TABLE users; -- for password/username/real name, for
example. Or trying to change the admin user password hash in database with
same technique.
That said, by having better knowledge about the database structure I could try
difefrent approaches to compromising it either by doing damage (trying drop
queries) or privileges escalation (trying to update all password hashes in
bulk).
I'll have in mind your advice about uploading images vs. redacting text next
time. Thank you.
Best regards,
Dimitar Nikov
_______________________________________________________
Reply to this item at:
<https://savannah.nongnu.org/support/?111093>
_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
signature.asc
Description: PGP signature
