-
Type:
Bug
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Won't Fix
-
Affects Version/s: 3.0.x
-
Fix Version/s: 3.0.15-RC1
-
Component/s: Other
-
Labels:None
-
phpBB Import Key:
Don't know whether this is by design or not: the complete SQL error message including parts of the faulty SQL statement is given to all users even if DEBUG-mode is disabled. This might give an attacker some information about potential issues with faulty modifications.
- is related to
-
PHPBB3-9079 Display backtrace on all E_USER_ERROR errors, not only SQL errors (when DEBUG_EXTRA is enabled)
-
- Closed
-
-
PHPBB3-10581 Malformed SQL is logged when user triggering it is shown the offending SQL
-
- Closed
-