$sql = "select admin_id, admin_name, admin_email, admin_pass from " . TABLE_ADMIN . " where admin_email = '" . $admin_email . "'";

$sql = "select admin_id, admin_name, admin_email, admin_pass from " . TABLE_ADMIN . " where admin_email = '" . mysql_real_escape_string($admin_email) . "'";
effectively escaping the user-definable $admin_email variable so that it cannot be used for an SQL injection attack.
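To make the difference concrete, here is the same admin lookup written three ways as an added example; it is not Zen Cart's code and not the post author's. It runs against an in-memory SQLite database through PDO so no MySQL server is needed, and the table, the sample row and the input address are constructed for the demo. Because mysql_real_escape_string() needs a live MySQL link (and the whole mysql_* extension was removed in PHP 7), PDO::quote() stands in for it as the escaping step; the third variant goes one step beyond the post's fix and uses a parameterised query, where the input never becomes part of the SQL text at all.

```php
<?php
// Added example: the admin lookup from the post as (1) raw concatenation,
// (2) escaped input, (3) a prepared statement. Table name, row and input
// are constructed for this demo; TABLE_ADMIN mirrors the constant in the post.
declare(strict_types=1);

define('TABLE_ADMIN', 'admin');

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE ' . TABLE_ADMIN
    . ' (admin_id INTEGER PRIMARY KEY, admin_name TEXT, admin_email TEXT, admin_pass TEXT)');
$pdo->exec('INSERT INTO ' . TABLE_ADMIN
    . " VALUES (1, 'Admin', 'admin@example.com', '<password-hash-placeholder>')");

// (1) The vulnerable pattern from the post: input concatenated into the SQL text.
function buildConcatenated(string $adminEmail): string
{
    return 'select admin_id, admin_name, admin_email, admin_pass from ' . TABLE_ADMIN
        . " where admin_email = '" . $adminEmail . "'";
}

// (2) The post's fix: escape the input before concatenating it. PDO::quote()
//     plays the role of mysql_real_escape_string() here and returns the value
//     already wrapped in single quotes, with embedded quotes doubled.
function buildEscaped(PDO $pdo, string $adminEmail): string
{
    return 'select admin_id, admin_name, admin_email, admin_pass from ' . TABLE_ADMIN
        . ' where admin_email = ' . $pdo->quote($adminEmail);
}

// (3) Parameterised query: the SQL text is fixed, the value travels separately.
function lookupPrepared(PDO $pdo, string $adminEmail): array
{
    $stmt = $pdo->prepare('select admin_id, admin_name, admin_email, admin_pass from '
        . TABLE_ADMIN . ' where admin_email = :email');
    $stmt->execute([':email' => $adminEmail]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// A constructed address containing a single quote, which a real address may hold.
$input = "o'brien@example.com";

// The quote in the input closes the string literal early, so the SQL no longer
// has the structure the developer wrote. Here that surfaces as a syntax error;
// with crafted input it becomes a different, valid query.
try {
    $pdo->query(buildConcatenated($input));
    echo "concatenated query ran\n";
} catch (PDOException $e) {
    echo 'concatenated query broke: ', $e->getMessage(), "\n";
}

// Escaped: the quote stays inside the literal and the query runs as intended.
echo buildEscaped($pdo, $input), "\n";
$rows = $pdo->query(buildEscaped($pdo, $input))->fetchAll(PDO::FETCH_ASSOC);
echo 'escaped query matched ', count($rows), " row(s)\n";

// Prepared: input is data only. No match for the quoted address, one for the real one.
echo 'prepared query matched ', count(lookupPrepared($pdo, $input)), " row(s)\n";
echo 'prepared query matched ', count(lookupPrepared($pdo, 'admin@example.com')), " row(s)\n";
```

Escaping only protects values placed inside quoted string literals, and with the MySQL functions it is only correct for the character set of the connection it was given; a prepared statement removes both conditions, which is why it is the form to reach for when the fix is not constrained to a one-line patch of existing code.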
2) the path disclosure:
edit your php.ini file, and set display_errors = Off and log_errors = On. This is the default behavior for later versions of PHP, and is recommended to prevent display of sensitive information via reporting errors on web pages.
It only took me a couple of minutes to explain the fixes here. Discovering and reporting the vulnerability must have taken much longer. But not finishing the job by at least describing the fix potentially leaves users of Zen Cart with a greater problem than not reporting it at all, because even now script kiddies are likely at work crafting exploit scripts based on this information.