Re: Aenovo Multiple Vulnerabilities (Patch)
Patch :
[1]
In "user/control.asp"
Find this :
---------------------------------
pword = Trim(request("password"))
---------------------------------
Replace with this:
---------------------------------
pword = replace(Trim(request("password")),"'","''")
---------------------------------
[2]
In "incs\searchdisplay.asp"
Find this:
---------------------------------
strSQL = request("strSQL")
---------------------------------
Replace with this:
---------------------------------
strSQL = ""
---------------------------------
<ali202>