Bravo List
Register
Go Back   > Bravo List > Source Code > Trackers > Torrent Trader
Reply
  #1  
Old 04-11-18, 23:34
BamBam0077's Avatar
BamBam0077 BamBam0077 is offline
Support
 
Join Date: Jul 2013
P2P
Posts: 288
Default SQL Injection adminCP
Hey I don't know if any of you guys checked your admincp fully you will see vars inside an query not covered with sqlesc() you might do so by going to your /var/www/html/ grab admincp.php now search for your sql_query and update the vars to be protect with sqlesc() also I know it is not like tbdev so sql query is different and you will need to check tbdev to get sqlesc() it was a quick scan if you know more then please share with me here
Click the image to open in full size.
Reply With Quote
  #2  
Old 04-11-18, 23:52
Napon's Avatar
Napon Napon is offline
Senior Member
 
Join Date: Feb 2016
P2P
Posts: 313
Default
just remove this part in admin cp as its never been fin off so your post no good mate theres no working update to this at all
Reply With Quote
  #3  
Old 01-12-18, 07:17
BamBam0077's Avatar
BamBam0077 BamBam0077 is offline
Support
 
Join Date: Jul 2013
P2P
Posts: 288
Default
PDO works with it and as for it not being complete is based on your knowledge or what work you have done for torrent trader it is simple don't be an arse about it.
Reply With Quote
  #4  
Old 01-12-18, 13:08
Napon's Avatar
Napon Napon is offline
Senior Member
 
Join Date: Feb 2016
P2P
Posts: 313
Default
shoot the fuck up you fucking diuck know all know fuck all
side note dickweed i do not user torrant trader
Reply With Quote
Reply

Tags
admincp , injection , sql

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT +2. The time now is 13:42. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2018, vBulletin Solutions Inc.