1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Duplicate Rebuild search index potential SQL injection?

Discussion in 'Resolved Bug Reports' started by Thalagyrt, Jan 7, 2011.

  1. Thalagyrt

    Thalagyrt Member

    Got this while rebuilding indexes after an import. It seems to have hit a post with a :p in it.

     
  2. Thalagyrt

    Thalagyrt Member

    Hmm... Upon a bit more digging it looks like it's a bug with the Zend Framework that was reported over a year ago. Weird that it hasn't been fixed.
     
  3. Thalagyrt

    Thalagyrt Member

  4. Mike

    Mike XenForo Developer Staff Member

    I should also note that it's not an SQL injection, just an incorrect calculation of what it thinks are bound variables.
     
  5. Thalagyrt

    Thalagyrt Member

    Yeah. At first glance it looked like it could potentially have been a vector for injection, but after looking a bit closer I realized that wasn't the case but couldn't change my thread topic (or couldn't figure out how?)
     

Share This Page