If you are using this version, or even a derived version of this clan system's files ([Sharing] Working Sandurr's Clan System Version 2.0 - RaGEZONE forums), you should be aware of the following:
Every ASP file has SQL injection vulnerabilities. I could delete members from your clan, delete your clans and databases, insert records, change records, and even change your SQL password. I'm not giving ANY info on HOW to do that.
How to protect yourself:
Just edit your scripts and add a check for illegal characters in every value received from the QueryString (usually they look like this: Trim(Request("chname")) ).
Learning purposes:
The flaw is in the way the query string is created. Concatenating the user input directly into the query string, as Sandurr did (QUERY = "SELECT * FROM UL WHERE ChName = '" & chname & "'"), creates a HUGE security flaw.
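For readers who want to see the fix side by side with the flaw, here is an added classic ASP (VBScript) example. It is not Sandurr's code: it assumes an already open ADODB.Connection named conn and the UL table with a ChName column from the quoted query; the IsSafeName pattern and the 50-character limit are assumptions chosen for a character name.

```vbscript
<% Option Explicit

' Added example, not part of the clan system. Assumes an open ADODB.Connection
' named conn and a table UL with a ChName column, as in the post's quoted query.

' Vulnerable form quoted in the post: the value from the QueryString becomes part
' of the SQL text, so a quote character in chname changes the statement itself.
Function LookupVulnerable(chname)
    Dim query
    query = "SELECT * FROM UL WHERE ChName = '" & chname & "'"
    Set LookupVulnerable = conn.Execute(query)
End Function

' The check the post recommends: accept only characters a character name needs
' (letters, digits, underscore; length 1-50 is an assumed limit). Anything else,
' including quotes, semicolons and dashes, is rejected before any SQL is built.
Function IsSafeName(value)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[A-Za-z0-9_]{1,50}$"
    IsSafeName = re.Test(value)
End Function

' Hardened form: a parameterised ADODB.Command. The driver sends chname as data,
' never as SQL text, so the query structure cannot be altered by the input.
Function LookupSafe(chname)
    Dim cmd
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandText = "SELECT * FROM UL WHERE ChName = ?"
    cmd.CommandType = 1                     ' adCmdText
    ' 200 = adVarChar, 1 = adParamInput, 50 = maximum size of the parameter
    cmd.Parameters.Append cmd.CreateParameter("chname", 200, 1, 50, chname)
    Set LookupSafe = cmd.Execute
End Function

' Usage: validate first, then query with the parameterised form only.
Dim chname, rs
chname = Trim(Request.QueryString("chname"))
If Not IsSafeName(chname) Then
    Response.Write "Invalid character name."
    Response.End
End If
Set rs = LookupSafe(chname)
%>
```

Both the character check and the parameterised command are worth keeping: the check rejects malformed input early, and the parameter keeps the statement intact even for values the check lets through.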