Search Error - SQl Inject Attack Detected

Post Reply

Author	Message Topic Search Topic Options Post Reply Create New Topic Printable Version Translate Topic
DomitianX Members Profile Find Members Posts Newbie Joined: 28 January 2008 Status: Offline Points: 32	Post Options Post Reply Quote DomitianX Report Post Thanks(0) Quote Reply Topic: Search Error - SQl Inject Attack Detected Posted: 16 October 2008 at 7:29pm
	If you search for the word "keywords" the links in the results pages trigger a SQL Injection attack message: http://forums.webwiz.net/forum_posts.asp?TID=26413&KW=keywords Looks like it has something to do with the "KW=keywords" part. Take that off and it works fine. Looks like some more tweaking of the SQL Injection detections scripts is in order.

WebWiz-Bruce Members Profile Find Members Posts Admin Group Web Wiz Developer Joined: 03 September 2001 Location: Bournemouth Status: Offline Points: 9844	Post Options Post Reply Quote WebWiz-Bruce Report Post Thanks(0) Quote Reply Posted: 17 October 2008 at 6:50am
	This will be looked into s there doesn't appear to be a quick fix for this if your keywords to highlight contain syntax that could be used in an SQL Injection.
	Web Wiz Forums Hosting ASP.NET Web Hosting

Post Reply

Forum Jump

Forum Permissions View Drop Down

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot delete your posts in this forum
You cannot edit your posts in this forum
You cannot create polls in this forum
You cannot vote in polls in this forum

About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Notice

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT at 20% unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.