I found a SQL injection in the search form.
If you enter a single quote into the form the postgreSQL server respond with the following error:
Warning: pg_query(): Query failed: ERROR: syntax error in tsquery: "'" in <FULLPATH>\DatabasePostgres.php on line 584 Sorry, that was not a valid search string. Please go back and try again
Wich means the server is vulrnable to an SQL injection.
- go to the main wiki page
- Enter the single quote into the search form
Shortcut to the bug:
Note that the %27 is the single quote character !
Originaly found at:
(Already told them about this)