Get Satisfaction uses Javascript and cookies.

You'll need to enable Javascript and cookies to log-in and participate.

Share Follow

Know any helpful people?
Email this to a friend
- Your Name:
- Your Email:
- Email to: Enter up to 5 email addresses separated by commas
- Add an optional message
- Optional Message:
  Character limit of 1000 characters
- Or cancel
Twitter this
Share on Facebook
Get a short URL

Share it on these other sites

1 person participating

The mood in here

happy 0

silly 0

indifferent 1

sad 0

Products & Services

DoYouBuzz

Add a product

This topic is tagged

Add a tag

Sql injection possibility

When adding a hobby, the "type of leisure" does not seem to escape the apostrophe character. Indeed, if we entered a kind of entertainment such as "Centres d'intérêts" bugg validation and field is not changed. In addition, this could be a flaw to hack your website because if that is what I think it would be possible to include a sql injection in.

I use the French version of DoYouBuzz and I'm French so sorry for my bad english.

You can see the bugg details here: