PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-08 05:31:32 +00:00
Code Issues Projects Releases Wiki Activity

Major bug fix to properly deal with EXISTS() when forging query or retrieving the query columns.

Browse Source
This commit is contained in:
Bernardo Damele
2011-01-17 23:43:37 +00:00
parent c2a358561f
commit 3822b494ea
5 changed files with 28 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/techniques/inband/union/use.py
View File

@@ -95,7 +95,7 @@ def unionUse(expression, direct=False, unescape=True, resetCounter=False, unpack
expression = unescaper.unescape(expression)
if kb.injection.data[PAYLOAD.TECHNIQUE.UNION].where == 2 and not direct:
_, _, _, _, _, expressionFieldsList, expressionFields = agent.getFields(origExpr)
_, _, _, _, _, expressionFieldsList, expressionFields, _ = agent.getFields(origExpr)
# We have to check if the SQL query might return multiple entries
# and in such case forge the SQL limiting the query output one