centstorage and backslash issue #1251

centreon · 2011-09-26T09:28:03Z

Author Name: Sylvestre Ho (Sylvestre Ho)
Original Redmine Issue: 2653, https://forge.centreon.com/issues/2653
Original Date: 2011-09-26
Original Assignee: Maximilien Bersoult

Hi,

There is no escaping method used in centstorage, could the door be opened to sql injections?
We should use quote methods as much as possible.

Also, the backslash issue doesn't seem to be solved as of version 2.2 and 2.3. Adding quote methods does solve the problem!

This change requires some solid testing before validation though.

centreon · 2011-09-26T11:32:26Z

Original Redmine Comment
Author Name: Sylvestre Ho (Sylvestre Ho)
Original Date: 2011-09-26T11:32:26Z

trunk => revision r12534

centreon · 2011-09-26T11:59:10Z

Original Redmine Comment
Author Name: Sylvestre Ho (Sylvestre Ho)
Original Date: 2011-09-26T11:59:10Z

branch 2.2.x => revision r12536

I'll leave this case open until validation

centreon · 2011-10-03T11:11:14Z

Original Redmine Comment
Author Name: Sylvestre Ho (Sylvestre Ho)
Original Date: 2011-10-03T11:11:14Z

Max,

Could you please proceed with a migration (2.1.x => 2.3.0) and make sure that metrics that contain #S# and #BS# are properly carried over and that CentStorage keeps graphing properly afterwards.

Thanks :-)

centreon added Status: Closed labels Jul 24, 2015

centreon added this to the Centreon-2.3 milestone Jul 24, 2015

centreon closed this as completed Jul 24, 2015

snyk-bot mentioned this issue Nov 9, 2021

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#140

Open

snyk-bot mentioned this issue Feb 12, 2022

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#149

Open

snyk-bot mentioned this issue Mar 10, 2022

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#156

Open

rc042 mentioned this issue Sep 1, 2022

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#158

Open

rc042 mentioned this issue Sep 9, 2022

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#163

Open

snyk-bot mentioned this issue Sep 17, 2022

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#165

Open

rc042 mentioned this issue Oct 20, 2022

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#169

Open

snyk-bot mentioned this issue Mar 19, 2023

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#174

Open

snyk-bot mentioned this issue Apr 13, 2023

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#176

Open

rc042 mentioned this issue Sep 6, 2023

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#178

Open

rc042 mentioned this issue Nov 23, 2023

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#180

Open

This was referenced Jan 22, 2024

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#185

Open

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#189

Open

rc042 mentioned this issue May 19, 2024

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 rc042/centreon#192

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

centstorage and backslash issue #1251

centstorage and backslash issue #1251

centreon commented Sep 26, 2011

centreon commented Sep 26, 2011

centreon commented Sep 26, 2011

centreon commented Oct 3, 2011

centstorage and backslash issue #1251

centstorage and backslash issue #1251

Comments

centreon commented Sep 26, 2011

centreon commented Sep 26, 2011

centreon commented Sep 26, 2011

centreon commented Oct 3, 2011