<<< Date Index >>>     <<< Thread Index >>>

Re: Aenovo Multiple Vulnerabilities (Patch)



Patch : 
[1]
In "user/control.asp"
Find this :

---------------------------------
pword = Trim(request("password"))
---------------------------------

Replace with this:

---------------------------------
pword = replace(Trim(request("password")),"'","''")
---------------------------------

[2]
In "incs\searchdisplay.asp"
Find this:

---------------------------------
strSQL = request("strSQL")
---------------------------------

Replace with this:

---------------------------------
strSQL = ""
---------------------------------

<ali202>