1. Jean Machuron
  2. Sherlock Holmes
  3. Bug report
  4. Thursday, 29 August 2019
  5.  Subscribe via email
Hello

We have an hotspot pro install working fine but since a couple of days some people try to hack it by directly adding parameters/words to the main hotspots page.
This provokes an sql error for now but we would like to fix it before it could give access to something else ?
To explain, the main map is at https://activ-ha.com/c/ and any correct address would be https://activ-ha.com/c/#something.
however attackers try to access https://activ-ha.com/c/somethingelse which gives a 1064 sql error :
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ') AND type_alias = 'com_hotspots.hotspot'' at line 3

Can you let me know how to solve this ?

Thanks
Jean


There are %s replies to this question. If you want to see them you need a valid subscription.
If you have a valid subscription, please login now.
Visit store now
Sorry, the discussion is currently locked. You will not be able to post a reply or a comment at the moment.

Last questions

CMC - Mailchimp for Joomla fails to Sync with Vir
Hello, I just installed CMC - Mailchimp for Joomla. I added the token to the co...
14 Replies
Posted on Tuesday, 04 February 2020
  • #500
A bug collection
https://www.certifiedinfosec.com/events I'm doing off-line credit card proces...
0 Replies
Posted on Friday, 28 February 2020
  • New
  • if ##COM_MATUKIO_FIELDS_TITLE## is set to show per
    I have ##COM_MATUKIO_FIELDS_TITLE## set to show per seat in the default booking ...
    8 Replies
    Posted on Thursday, 28 November 2019
    Your compojoom.com site certificate has expired.
    FYI - Your compojoom.com site certificate has expired. Noticed when the update s...
    3 Replies
    Posted on Monday, 24 February 2020
  • Resolved
  • New
  • Black page instead of StreetView
    Hello, StreetView on my web site stopped working, shows only black background. ...
    10 Replies
    Posted on Thursday, 19 December 2019
  • Resolved