possible sql injection vulnerability
Brought to you by:
tsvetozar
line 29 of hit.php reads:
phpcounter($_GET["name"]);
function phpcounter() in inc.php reads:
function phpcounter($name)
{
global $Referer, $LocalPage;
$rs = mysql_query("select * from phpcounters where name='$name'");
...
replace line 29 of hit.php with:
phpcounter(preg_replace('/[^\w]+/','',$_GET["name"])); // filter input
to filter out any characters besides a-zA-Z0-9_ (word characters "\w")
you can adjust the regular expression to your liking, but always deny ' ` " characters