|Posted by:panschk[FP] |
Hey everyone :-)
Thanks a lot to Crackling who pointed out to me that BWMN has been vulnerable to SQL injection because the inputs were not sanitized. I did not know better when I implemented it back in the day, but at least I tried to fix it now, using a regex search/replace. With this I replaced over 300 places in the code base in one go. This is not perfect and a really serious hacker might still be able to get through, but certainly an improvement. It could also potentially break something, although my tests looked good. If I broke something that previously worked, let me know in the comments.
When doing this on Tuesday, I accidently applied the connection settings to an older backup of the databse, which is used for the 'update project' started but abandoned by mmmk: http://broodwarmaps.net/BWMN_dev/public/index.php
Update 2021-04-01: I added another fix that should hopefully fix SQL injection in all cases.