Project SimpleProject Type: software

Project Simple

Uploaded image for project: 'Project Simple'
  1. Project Simple
  2. ST-256

SQL Injection : Block use of OR condition as input with quote

    Details

    • Type: Enhancement
    • Status: Closed
    • Priority: Critical
    • Resolution: Unresolved
    • Component/s: None
    • Labels:
      None
    • Module:
      BenAdmin - Security
    • Reported by:
      Harbinger
    • Item State:
      Development - Ready for Local Testing
    • Issue Importance:
      Must Have

      Description

      When we add input on notes category like asdf' or '1'='1 , category is getting added successfully.

      We should block use of OR with '. it should show sql injection character message.

        Attachments

          Activity

          Transition Time In Source Status Execution Times
          Vijayendra Shinde (Inactive) made transition -
          New Request Pending for Approval
          		20d 23h 53m 1
          Vijayendra Shinde (Inactive) made transition -
          Pending for Approval Rejected
          		11s 1
          Vijayendra Shinde (Inactive) made transition -
          Rejected Closed
          		33s 1

            People

            Assignee:
            Unassigned
            Reporter:
            vijayendra Vijayendra Shinde (Inactive)
            Developer:
            Vijayendra Shinde (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: