potential sql injection vulnerability in members
|Reported by:||heurix@…||Owned by:|
Description (last modified by cash)
In mod/members/pages/members/search.php, there is a potential sql injection vulnerability on $name (line 22: $name = get_input('name'). It needs to be santized before being passed to the 'wheres' array.