jPortalSQL.txt
Versions: all from 2.2.1 to 2.3.1+Service Pack+shop jportalI check this bug only on one site SQL injection attack if magicquotesqpc=Off Problem is in file serching engine download.php, witch code is in module/down.inc.php file: if$cat=='all' $q = "AND title LIKE '%$word%'"; else $q = "AND...