* Fix SQL injection for comment.php used in read-context.

(Thanks to High-Tech Bridge SA Security Release Lab, Advisory HTB23092)
Garvin Hicking 2012-05-16 11:59:02 +02:00
parent d6c527e422
commit 7b552d2df9
2 changed files with 7 additions and 1 deletions


@ -69,6 +69,12 @@ Version 1.7 ()
that the baseURL is not overriden when configuring serendipity
with a possibly autodetected currentl URL. Patch by Manko10.
Version 1.6.2 (May 16th, 2012)
------------------------------------------------------------------------
* Fix SQL injection for comment.php used in read-context.
(Thanks to High-Tech Bridge SA Security Release Lab, Advisory HTB23092)
Version 1.6.1 (May 8th, 2012)
------------------------------------------------------------------------


@ -364,7 +364,7 @@ function add_trackback ($id, $title, $url, $name, $excerpt) {
if ($id>0) {
// first check, if we already have this pingback
$comments = serendipity_fetchComments($id,1,'co.id',true,'TRACKBACK'," AND co.url='$url'");
$comments = serendipity_fetchComments($id,1,'co.id',true,'TRACKBACK'," AND co.url='" . serendipity_db_escape_string($url) . "'");
if (is_array($comments) && sizeof($comments) == 1) {
log_pingback("We already have that TRACKBACK!");
return 0; // We already have it!