|
إنضمامك إلي منتديات استراحات زايد يحقق لك معرفة كل ماهو جديد في عالم الانترنت ...
انضم الينا
#1
| ||
| ||
Today forum started to send strange messages like if someone is trying to exploit some SQL injection: Code: Database error in vBulletin 3.8.4: Invalid SQL: SELECT post.postid FROM post AS post WHERE post.threadid = 67831 AND post.visible = 1 AND post.userid NOT IN (12098,18628,35960,26525,23767,35960,14737,47215,5 7795,68173,68423,74009,74265,70933,75379,116572,13 4202,Dino,dino) ORDER BY post.dateline LIMIT 0, 20; MySQL Error : Unknown column 'Dino' in 'where clause' Error Number : 1054 Request Date : Saturday, January 9th 2010 @ 1120 PM Error Date : Saturday, January 9th 2010 @ 1120 PM Script : http://www.gsmforum.ru/showthread.php?t=67831 Referrer : http://www.gsmforum.ru/forumdisplay.php?f=347 IP Address : 92.47.217.92 Username : oushen Classname : vB_Database_MySQLi MySQL Version : See those ",Dino,dino" at the end? "NOT IN" query part seems to be built by fetch_conventry function in /includes/functions_bigthree.php. And I don't understand what is it doing. Can someone please explain? What does the word "coventry" mean? I am running 3.8.4 PL2 and the Dino is the nickname of the user, recently banned by moderators. __DEFINE_LIKE_SHARE__ |
مواقع النشر (المفضلة) |
| |