Author Topic: blind sql injection ---still  (Read 2477 times)

hologram333

  • Beginner
  • *
  • Posts: 2
blind sql injection ---still
« on: December 20, 2011, 21:04:29 pm »
I'm getting harrassed by securitymetrics.com on the blind sql injection.  Although I have virtuemart version 1.1.9 and the latest version of joomla 1.5.23..

Anyone else still having these issues?

They say:
The test is looking for the difference between these two pages. We are
> seeing A 404 page and a file not found page. Is there any reason we
> are seeing a difference in the locations below?

jenkinhill

  • UK Web Developer & Consultant
  • Global Moderator
  • Super Hero
  • *
  • Posts: 27846
  • Always on vacation
    • Jenkin Hill Internet
Re: blind sql injection ---still
« Reply #1 on: December 20, 2011, 23:41:23 pm »
Maybe a lack of 404 or 500 error reporting page in Joomla? See http://docs.joomla.org/Creating_a_Custom_404_Error_Page
Kelvyn

Jenkin Hill Internet,
Lowestoft, Suffolk, UK

Unsolicited PMs/emails will be ignored.

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

Currently using VM 3.8.4.10335 on Joomla 3.9.21 PHP 7.4.9

hologram333

  • Beginner
  • *
  • Posts: 2
Re: blind sql injection ---still
« Reply #2 on: January 11, 2012, 20:00:34 pm »
thanks, the instructions were helpful and I've passed the test, at least for this quarter.