[PHPBB3-10611] Add a check for selected tables existence for ACP database backup tool

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.0.10
Fix Version/s: 3.0.11-RC1
Component/s: ACP
Labels:
None

Fix URL:
https://github.com/phpbb/phpbb3/pull/827

Description

In includes/acp/acp_database.php there's no check for existence of the tables selected to backup.
This may cause unwanted use of HTML page source to handle table names list, which may cause errors or harmful queries injection into the dump.

Attachments

Activity

People

Assignee:: Andreas Fischer [X] (Inactive)

Reporter:: rxu

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 01/Feb/12 3:45 PM

Updated:: 22/Jan/17 4:01 PM

Resolved:: 30/May/12 1:00 PM