intellitech
  intellitech
Gold Member
  Thursday, 25 March 2021
  3 Replies
  1.4K Visits
0
Votes
Undo
Please see the attached scanned report and do the needful ASAP.
3 years ago
·
#221334
0
Votes
Undo
Thank you for highlighting this issue.

I see where this message is coming from and I can assure you that it is not exploitable as an SQL injection because the input is filtered and any SQL or Javascript is removed and the error is caught in the code. What is incorrect is to output an error message as opposed to silently returning no results.

I will resolve this in the next release due in the next few days

JEvents Club members can get priority forum support at the Support Forum. As well as access to a variety of custom JEvents addons and benefits. Join the JEvents club today!

3 years ago
·
#221307
0
Votes
Undo
Can you please confirm your RSVP Pro Version for testing?

Many thanks
Tony

JEvents Club members can get priority forum support at the Support Forum. As well as access to a variety of custom JEvents addons and benefits. Join the JEvents club today!Join the JEvents club today!

3 years ago
·
#221263
0
Votes
Undo
What's new about this vulnerability?
  • Page :
  • 1
There are no replies made for this post yet.

Members Area

Show your support

Unlike many Joomla calendars we do not charge to download JEvents - please show your support for this project by becoming a member of the JEvents Club Club members get access to early releases, exclusive member support forums, and Silver and Gold members can use many exciting JEvents addons

Your membership will ensure that JEvents continues to be the best events calendar for Joomla.