bug #4598 [security] XSS in multi submit
Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com>
madhuracj committed Nov 20, 2014
1 parent 80cd40b commit 2a3b739
Showing 2 changed files with 5 additions and 3 deletions.
1 change: 1 addition & 0 deletions ChangeLog
Expand Up @@ -18,6 +18,7 @@ phpMyAdmin - ChangeLog
- bug #4578 [security] XSS vulnerability in table print view
- bug #4579 [security] XSS vulnerability in zoom search page
- bug #4594 [security] Path traversal in file inclusion of GIS factory
- bug #4598 [security] XSS in multi submit

4.2.11.0 (2014-10-31)
- bug ReferenceError: Table_onover is not defined
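
Review bot: The new entry on the `bug #4598` line reads "XSS in multi submit", while the neighbouring security entries use the form "XSS vulnerability in ..." and name the affected page. Matching that wording and naming the affected view (the `row_delete` query display, going by the code change in this commit) would keep the ChangeLog consistent and easier to search.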
7 changes: 4 additions & 3 deletions libraries/mult_submits.lib.php
Expand Up @@ -554,13 +554,14 @@ function PMA_getQueryFromSelected($what, $db, $table, $selected, $action, $views
foreach ($selected as $sval) {
switch ($what) {
case 'row_delete':
$full_query .= 'DELETE FROM ' . PMA_Util::backquote($db)
. '.' . PMA_Util::backquote($table)
$full_query .= 'DELETE FROM '
. PMA_Util::backquote(htmlspecialchars($db))
. '.' . PMA_Util::backquote(htmlspecialchars($table))
// Do not append a "LIMIT 1" clause here
// (it's not binlog friendly).
// We don't need the clause because the calling panel permits
// this feature only when there is a unique index.
. ' WHERE ' . urldecode($sval)
. ' WHERE ' . urldecode(htmlspecialchars($sval))
. ';<br />';
break;
case 'drop_db':
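
Review bot: In the `row_delete` WHERE clause, `urldecode(htmlspecialchars($sval))` escapes before it decodes, so percent-encoded characters in `$sval` pass through `htmlspecialchars()` unchanged and only become markup characters when `urldecode()` runs afterwards, leaving the final string unescaped. Swap the order to `htmlspecialchars(urldecode($sval))` so that escaping is the last transformation before the value is joined with `;<br />`. Separately, `$full_query` mixes SQL text with HTML in this branch, and calling `htmlspecialchars()` on `$db` and `$table` inside `PMA_Util::backquote()` ties the escaping to this one case; the `drop_db` case that follows and the rest of the switch are not visible in this hunk and should be checked for the same unescaped concatenation.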