Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security issue about SQL injection attacks #91

Open
vunguyendhSTS opened this issue Apr 26, 2023 · 0 comments
Open

Security issue about SQL injection attacks #91

vunguyendhSTS opened this issue Apr 26, 2023 · 0 comments

Comments

@vunguyendhSTS
Copy link

Hi team

my application scanned by security team and we got issue about SQL injection attacks with description:

io/agora/utils/SqliteWrapper.java :

this.db.execSQL("delete from "" + str + "" where key = "" + str2 + "";");

When i'm trying to view actually happens inside SqliteWrapper.java by import io.agora.utils.moduleName then i just see 3 moduleName are:
NetUtils
ThreadUtils
HttpRequest

my question is where the SQL command is and how can i view it and fix with parameter the SQL

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant