View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000208 | Main CAcert Website | source code | public | 2006-04-16 11:02 | 2013-11-20 22:23 |
| Reporter | blshkv | Assigned To | Sourcerer | ||
| Priority | normal | Severity | major | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Fixed in Version | 2006 | ||||
| Summary | 0000208: [security bug] unverified SQL injeciton in gpg.php | ||||
| Description | it might be possible to create special formated certificate with SQL code in email. It will be included to SQL queiry in gpp.php in "emailaddies" field because there is no usuall mysql_escape_string function to escape userinput. | ||||
| Tags | No tags attached. | ||||
| Reviewed by | |||||
| Test Instructions | |||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2006-04-16 11:02 | blshkv | New Issue | |
| 2006-04-20 19:32 |
|
Relationship added | related to 0000183 |
| 2006-04-21 06:44 | duane | Status | new => closed |
| 2006-04-21 06:44 | duane | Note Added: 0000165 | |
| 2006-04-21 06:44 | duane | Resolution | open => fixed |
| 2006-04-21 06:44 | duane | Fixed in Version | => production |
| 2006-04-24 05:41 |
|
Note Added: 0000196 | |
| 2006-04-24 05:41 |
|
Assigned To | => bluec |
| 2006-04-24 05:41 |
|
Status | closed => needs work |
| 2006-08-14 18:28 | duane | Relationship deleted | related to 0000183 |
| 2007-10-24 05:10 | evaldo | Relationship added | related to 0000460 |
| 2008-11-17 20:54 | Sourcerer | Note Added: 0001258 | |
| 2008-11-17 20:54 | Sourcerer | Assigned To | bluec => |
| 2008-11-17 20:54 | Sourcerer | Status | needs work => solved? |
| 2008-11-17 20:54 | Sourcerer | Status | solved? => closed |
| 2008-11-17 20:54 | Sourcerer | Assigned To | => Sourcerer |
| 2013-01-14 08:06 | Werner Dworak | Fixed in Version | => 2006 |
| 2013-11-20 22:23 | NEOatNHNG | View Status | private => public |
