Piwigo Bugtracker

Piwigo bug tracker has moved to Github

This bugtracker is kept to provide history on old issues.


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0003089Piwigosecuritypublic2014.06.12 11:292014.06.12 11:34
Reporterplg 
Assigned Toplg 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version2.6.2 
Target Version2.7.0beta2Fixed in Version2.7.0beta2 
Summary0003089: SQL injection on photo edit
DescriptionAn admin can perform an SQL injection on photo edit with associate[] input field.
TagsNo tags attached.
browserany
Database engine and version
PHP version
Web serverApache 1.3.x
Attached Files

- Relationships

-  Notes
(0007471)
svn (reporter)
2014.06.12 11:33

[Subversion] r28678 by plg on trunk

-----[Subversion commit log]----------------------------------------------------
bug 3089: prevent SQL injection on photo edition

- Issue History
Date Modified Username Field Change
2014.06.12 11:29 plg New Issue
2014.06.12 11:29 plg Status new => assigned
2014.06.12 11:29 plg Assigned To => plg
2014.06.12 11:29 plg browser => any
2014.06.12 11:29 plg Web server => Apache 1.3.x
2014.06.12 11:33 svn Checkin
2014.06.12 11:33 svn Note Added: 0007471
2014.06.12 11:34 plg Status assigned => closed
2014.06.12 11:34 plg Resolution open => fixed
2014.06.12 11:34 plg Fixed in Version => 2.7.0beta2


Copyright © 2000 - 2016 MantisBT Team
Contact
Powered by Mantis Bugtracker