Bugtraq mailing list archives
Re: Aenovo Multiple Vulnerabilities (Patch)
From: ali202 () fastermail com
Date: 16 Oct 2005 17:17:55 -0000
Patch :
[1]
In "user/control.asp"
Find this :
---------------------------------
pword = Trim(request("password"))
---------------------------------
Replace with this:
---------------------------------
pword = replace(Trim(request("password")),"'","''")
---------------------------------
[2]
In "incs\searchdisplay.asp"
Find this:
---------------------------------
strSQL = request("strSQL")
---------------------------------
Replace with this:
---------------------------------
strSQL = ""
---------------------------------
<ali202>
Current thread:
- Re: Aenovo Multiple Vulnerabilities (Patch) ali202 (Oct 17)