PhoenixCMS 3.0 Articles.CFM - Possible SQL Vulnerability FIX.
Sledmore (post 22097):

Hey guys,

Well, I really like PhoenixCMS 3.0 and I use it now because of XaddoUSA, and we got told there was an SQL injection exploit. I asked Aaron himself if it could be used to run a command; he said no, but that was a day later. I had fixed this earlier by only allowing the numeric format.

I'm no ColdFusion expert, but this should work; I got the patches from Adobe.

Anyways, a simple fix. Find the following:

[PHP]<cfquery name="ThisStory" datasource="#DSN#">
    SELECT *
    FROM cms_news
    WHERE id = #url.story#
    LIMIT 1
</cfquery>[/PHP]

Replace with:

[PHP]<cfquery name="ThisStory" datasource="#DSN#">
    SELECT *
    FROM cms_news
    <!--- cfqueryparam binds url.story as a value and rejects anything that is not numeric --->
    WHERE id = <cfqueryparam value="#url.story#" cfsqltype="cf_sql_numeric">
    LIMIT 1
</cfquery>[/PHP]

I know it's a really simple fix, but they shouldn't be able to run a command anyway, but better to be safe, huh ;)? - thank me if you want to xD.
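As an added illustration (not part of Sledmore's post and not PhoenixCMS code), here are the two query shapes from the post reproduced in Python against an in-memory SQLite database. The cms_news rows and the users table are constructed for the example, and parse_story_id stands in for the numeric check that cfqueryparam's cf_sql_numeric applies before the query runs. It shows why the LIMIT 1 in the original query is no protection: a numeric context needs no quote to break out of, and a UNION payload can read rows from another table through the same query, while the validated and bound version returns nothing for the same input.

```python
import re
import sqlite3


# Constructed sample schema and rows, loosely modelled on the cms_news
# table named in the post; the users table and its contents are invented
# purely to show what a UNION payload can pull out of another table.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cms_news (id INTEGER PRIMARY KEY, title TEXT, body TEXT)")
    conn.executemany(
        "INSERT INTO cms_news VALUES (?, ?, ?)",
        [(1, "Welcome", "First story"), (2, "Update", "Second story")],
    )
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES (1, 'admin', 'hunter2')")
    conn.commit()
    return conn


def fetch_story_vulnerable(conn, story):
    """The 'before' shape: #url.story# pasted straight into the SQL text.

    The value sits in a numeric context, so there are no quotes to break
    out of; whatever the client sends is already part of the statement."""
    sql = f"SELECT * FROM cms_news WHERE id = {story} LIMIT 1"
    return conn.execute(sql).fetchall()


STORY_ID = re.compile(r"[0-9]+")


def parse_story_id(raw):
    """Stand-in for what cfqueryparam cfsqltype="cf_sql_numeric" enforces
    before any SQL runs: a value that is not a number is rejected.

    Assumption: story ids are non-negative integers, so this check is
    stricter than cf_sql_numeric, which also accepts decimals."""
    raw = raw.strip()
    if not STORY_ID.fullmatch(raw):
        return None
    return int(raw)


def fetch_story_fixed(conn, raw):
    """The 'after' shape: validate, then bind the value as a parameter so
    the database receives it as data and never parses it as SQL."""
    story_id = parse_story_id(raw)
    if story_id is None:
        return []  # a real request handler would answer 400/404 here
    sql = "SELECT * FROM cms_news WHERE id = ? LIMIT 1"
    return conn.execute(sql, (story_id,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    payload = "0 UNION SELECT id, username, password FROM users"
    print("vulnerable, normal input :", fetch_story_vulnerable(db, "1"))
    print("vulnerable, UNION payload:", fetch_story_vulnerable(db, payload))
    print("vulnerable, OR payload   :", fetch_story_vulnerable(db, "99 OR 1=1"))
    print("fixed, normal input      :", fetch_story_fixed(db, "1"))
    print("fixed, UNION payload     :", fetch_story_fixed(db, payload))
```

The UNION payload is the case to keep in mind when someone argues that a single-row lookup is harmless: LIMIT 1 applies to the whole compound query, so the one row that comes back is the attacker's chosen row from users, not a news story. Binding the value (the ? placeholder here, cfqueryparam in CFML) is what closes the hole; the numeric check on top of it just rejects garbage earlier with a clearer error.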