SQL Injection

Eduardo López asked on May 8, 2019 00:40

Hi everyone!

Do any of you have the SQL Injection vulnerability on the search bar? I'm having it detected by a security scan.

https://www.domain.com/buscador?searchtext=%27%22a&search

Thanks,

Recent Answers


Brenden Kehren answered on May 8, 2019 08:39

What is your scan showing for an error?

1 vote

David te Kloese answered on May 8, 2019 12:48

The only thing I can imagine from your sample link is that the %27 %22 (single and double quote) get rendered on your page, meaning they could potentially be used to mess with queries.

If you haven't changed anything else, Kentico queries would make sure these are escaped from queries.

If you changed anything or want to check the code have a look at the documentation here: docs.kentico.com/k12/.../sql-injection


Secondly, since it most likely gets rendered on your page, you might be vulnerable to XSS. You probably have a "you searched for [keyword]" somewhere on your search results page.

Also a chapter in the documentation: docs.kentico.com/k12/.../cross-site-scripting-xss

Depending on your implementation, it comes down to making sure you use one of the following:

  • HTMLHelper.HTMLEncode() - encodes HTML tags, replaces the < and > chars with their HTML entities.
  • QueryHelper.GetText() - gets a HTML encoded string from the query string.
  • ScriptHelper.GetString() - replaces special chars like apostrophes (alt+39).
  • Use the HTMLEncode() transformation function.
0 votes
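As an added illustration (not code from the question, the answer, or Kentico), the following Python script shows what the scanner's probe from the question does to a search query built by string concatenation versus a parameterized one, and how HTML-encoding the echoed term protects the "you searched for [keyword]" line. It uses an in-memory SQLite table named `pages` as a stand-in for the site's searchable content (a constructed schema, not Kentico's), and `html.escape` in the role that `HTMLHelper.HTMLEncode()` / `QueryHelper.GetText()` play in Kentico; the function names are assumptions for the example.

```python
import html
import sqlite3
from urllib.parse import parse_qs, urlparse

# The URL from the question; searchtext decodes to the probe  '"a
PROBE_URL = "https://www.domain.com/buscador?searchtext=%27%22a&search"


def make_db():
    """Constructed sample table standing in for a site's searchable pages."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO pages (title) VALUES (?)",
                     [("Home",), ("Contact us",), ("About",)])
    return conn


def search_text_from_url(url):
    """Pull the raw searchtext parameter out of the request URL."""
    qs = parse_qs(urlparse(url).query, keep_blank_values=True)
    return qs.get("searchtext", [""])[0]


def search_concatenated(conn, term):
    """Vulnerable pattern: the user-controlled term is spliced into the SQL text.
    The probe '"a closes the string literal early, so the statement no longer parses.
    That database error is exactly the signal a scanner reports as SQL injection."""
    sql = "SELECT title FROM pages WHERE title LIKE '%" + term + "%'"
    return [row[0] for row in conn.execute(sql)]


def search_parameterized(conn, term):
    """Safe pattern: the term is bound as a parameter, so quotes in it are data, not syntax."""
    sql = "SELECT title FROM pages WHERE title LIKE ?"
    return [row[0] for row in conn.execute(sql, ("%" + term + "%",))]


def render_results_line(term):
    """The 'you searched for [keyword]' line, HTML-encoded before it is echoed
    (the job HTMLHelper.HTMLEncode() / QueryHelper.GetText() do in Kentico)."""
    return "<p>You searched for: " + html.escape(term, quote=True) + "</p>"


def probe(url):
    """Run both query styles against the term taken from the URL and report what happened."""
    conn = make_db()
    term = search_text_from_url(url)
    try:
        search_concatenated(conn, term)
        concat_error = None  # query parsed: the probe did not break the statement
    except sqlite3.Error as exc:
        concat_error = type(exc).__name__  # query broke: injectable string splice
    return {
        "term": term,
        "concat_error": concat_error,
        "param_results": search_parameterized(conn, term),
        "rendered": render_results_line(term),
    }


if __name__ == "__main__":
    for key, value in probe(PROBE_URL).items():
        print(f"{key}: {value!r}")
```

Running it shows the concatenated query failing with a database error on the probe while the parameterized query simply returns no rows, and the echoed term arriving in the page as `&#x27;&quot;a` rather than raw quotes. The same split applies to the Kentico helpers in the answer above: parameterized queries close the SQL side, the encoding helpers close the XSS side, and both are needed because the scanner's probe tests both at once.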
