You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
240
switch ($type) {
241
case 'all':
242
1return $this->getAll($sql);
243
case 'keyval':
244
return $this->getKeyValue($sql);
245
case 'assoc':
246
return $this->getAssoc($sql, true);
247
default:
#Description #
This code is vulnerable to SQL injection because the application receives data from the user or a third-party service and inserts it into a database query without sanitizing it first. It's a critical vulnerability.
The text was updated successfully, but these errors were encountered:
Vulnerable Line :
SQL Injection has been found. Change this code to no longer construct SQL queries directly from user-controlled data.
Calling method \iaDb,1::getAll(["var"]) in (216)\iaDb,1::_get(["row","MAX(order)","var","var","1"]) that outputs using tainted argument #1 ($sql).
Infected Line : 242
238
$sql = 'SELECT ' . $stmtFields . ' FROM ' . $this->_table . ' ' . $condition;
239
240
switch ($type) {
241
case 'all':
242
1return $this->getAll($sql);
243
case 'keyval':
244
return $this->getKeyValue($sql);
245
case 'assoc':
246
return $this->getAssoc($sql, true);
247
default:
#Description #
This code is vulnerable to SQL injection because the application receives data from the user or a third-party service and inserts it into a database query without sanitizing it first. It's a critical vulnerability.
The text was updated successfully, but these errors were encountered: