[WM20] - Security Alert: Fixing a SQL Injection Vulnerability - WINDEV 2024 - Foro de desarrolladores

FOROS PROFESIONALES
WINDEV, WEBDEV y WINDEV Mobile

Inicio

Mensajes recientes

Conéctese...

Español

Inicio → WINDEV 2024 → [WM20] - Security Alert: Fixing a SQL Injection Vulnerability

[WM20] - Security Alert: Fixing a SQL Injection Vulnerability

Iniciado por guest, 20,jun. 2018 06:42 - 1 respuesta

guest

Publicado el 20,junio 2018 - 06:42

Hello,

I just updated an app that is posted on app store and it is (or rather was) working just fine. But after uploading the new version I get following message from Google:
Quote

Security alert

Your app contains a SQL Injection Vulnerability. Please see this Google Help Center article for details.

Vulnerable classes:

Lfr/pcsoft/wdjava/ui/searchbar/WDSearchHistory;->delete

Please fix the issue before: 08/28/2018

Affects APK version 244.

For accessing MySQL data on server I am using PHP4WM library from SQLManagerX.com.

Any ideas as to how to solve this problem?

TIA

Informar

Debe estar conectado para evaluar este mensaje

guest

Publicado el 20,junio 2018 - 12:17

Hi

considering that you wont be able to publish ANYTHING in the google play store this summer (minimum apk level not supported by WM 20), I'm guessing that you will sove both problems the same way : upgrading the version of WinDev Mobile...

PCSoft explains all of that in details on their web site :
https://blogs.pcsoft.fr/fr/aout-2018-google-demande-relever-niveau-api-cible-applications-android-afin-deployer-play-store/281474976710739/read.awp…

Best regards

Informar

→ Volver a WINDEV 2024