Read me first before posting anywhere!
Subscribe to the feed, available in Image Atom or Image RSS format.
Scam Warning
User avatar
Former Team Member
Posts: 7425
Joined: Tue Jul 03, 2001 8:50 pm "exploits"

Post by psoTFX »

We've have had and continue to receive reports based on a bugtraq email submitted by the "" group. Please do not report these issues to us, not by PM, email nor via our security tracker.

The two "sql injection" issues are not sql injection issues, nothing can be done with them at all due to type casting (strings are forced to an integer type). The group admit this themselves but persist in claiming they are sql injection issues. The "solution" they give contains semantically incorrect SQL (you do not enclose values for integer field types in quotes).

Return to “Announcements”