Could not find a thread about it here yet - from this thread at vBGermany. What about the exploit posted at Security Focus (http://www.securityfocus.com/archive/1/492290)? For me, the example query at least generates a database error (which then triggers an email) - so at least this should be fixed. Any word from a developer? What Martin said in that thread on securityfocus.com doenst seem to be completely true.



Comment