[wp-trac] [WordPress Trac] #4692: Wordpress /edit-comments.php Database Error (Bug)

WordPress Trac wp-trac at lists.automattic.com
Tue Jul 31 20:09:58 GMT 2007

#4692: Wordpress /edit-comments.php Database Error (Bug)
 Reporter:  BenjaminFlesch  |       Owner:  anonymous
     Type:  defect          |      Status:  new      
 Priority:  normal          |   Milestone:           
Component:  Administration  |     Version:  2.2.1    
 Severity:  normal          |    Keywords:           
 In /edit-comments.php, the parameter apage is not properly sanitized
 before it is used to calculate the rows from which Wordpress tries to pull
 the comments from.

 So in case apage has a negative numerical value, Wordpress throws a
 Database Error caused by an corrupted SQL Query which can be seen in the
 picture. It tries to SELECT all data from the table between rows -40 and
 25, and this - of course - does not work ;)

Ticket URL: <http://trac.wordpress.org/ticket/4692>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list