1. Jean Machuron
  2. Sherlock Holmes
  3. Bug report
  4. Thursday, 29 August 2019
  5.  Subscribe via email
Hello

We have an hotspot pro install working fine but since a couple of days some people try to hack it by directly adding parameters/words to the main hotspots page.
This provokes an sql error for now but we would like to fix it before it could give access to something else ?
To explain, the main map is at https://activ-ha.com/c/ and any correct address would be https://activ-ha.com/c/#something.
however attackers try to access https://activ-ha.com/c/somethingelse which gives a 1064 sql error :
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ') AND type_alias = 'com_hotspots.hotspot'' at line 3

Can you let me know how to solve this ?

Thanks
Jean


There are %s replies to this question. If you want to see them you need a valid subscription.
If you have a valid subscription, please login now.
Visit store now

Last questions

hotspotsanywhere - Change title / name HOTSPOTS
Hello everybody! I'm using Hotspots Pro 5.4.8 with plugin {hotspotsanywhere}. I...
2 Replies
Posted on Tuesday, 19 November 2019
  • Resolved
  • New
    • #Content - Hotspots Anywhere
    popup info of a hotspot in map
    how can i make popup in map a hotspot info like the picture ? And also if...
    1 Replies
    Posted on Sunday, 17 February 2019
    • #popup in map
    Where in Mail Chimp do I find the relevant field n
    How to set up field for contact from module in joomla? Where in Mail Chimp do I ...
    0 Replies
    Posted on Monday, 18 November 2019
  • New
    • #Mailchimp
    • #joomla 3.8.8
    • #Text Field
    • #form submission
    • #install
    • #responsive layout
    Language change in CMC mailchimp module for joomla
    Hello everyone! How do I change the language for error messages in module ? th...
    0 Replies
    Posted on Sunday, 17 November 2019
  • New
  • Certificates won't print when PHP is set to 7.2
    Hi I'm having trouble producing certificates for delegates to a live event. ...
    3 Replies
    Posted on Wednesday, 13 November 2019
  • New