From what I understand, Yii was set up to prevent SQL injections due to model posting. However, when running an Acunetix scan on my site (development mode), it is claiming a successful injection on our registration page (email form input). I can't replicate the error (i.e., the form correctly shows a validation error since the SQL injection is not a valid email address). Has anyone experienced this, or can anyone comment on Yii as it relates to SQL injections if we are using the Yii framework's standard model->table mapping (so no actual SQL commands in our code)? Thanks.
This is what the Acunetix report shows. To be clear, I haven't been able to replicate the injection myself, so I'm trying to understand how/why Acunetix can do it.
Details
/testit2/index.php
URL encoded POST input User%5bemail%5d was set to 'and(select 1 from(select count(*),concat((select concat(CHAR(52),CHAR(67),CHAR(117),CHAR(71),CHAR(89),CHAR(51),CHAR(119),CHAR(106),CHAR(71),CHAR(80),CHAR(48)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'
Injected pattern found: 4CuGY3wjGP0
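One way to triage a finding like this from the request and response logs, as an added example that is not from the original post or from the Yii project. It assumes the scanner's check works by building the marker out of CHAR() codes so that the literal string can only reach the response if the database evaluated the expression; the POST body and the two response bodies below are constructed for the example.

```python
import re
from urllib.parse import quote, unquote_plus

# Regexes for the shape of the probe quoted in the report: a concat() of
# CHAR() codes nested inside the floor(rand(0)*2) ... group by duplicate-key trick.
CHAR_CODE = re.compile(r"CHAR\(\s*(\d+)\s*\)", re.IGNORECASE)
CHAR_CONCAT = re.compile(r"concat\(((?:\s*CHAR\(\s*\d+\s*\)\s*,?)+)\)", re.IGNORECASE)
PROBE_SHAPE = re.compile(r"floor\(\s*rand\(\s*0\s*\)\s*\*\s*2\s*\)", re.IGNORECASE)

def decode_char_markers(sql_text):
    """Return every literal string the probe assembles from CHAR() codes."""
    markers = []
    for group in CHAR_CONCAT.findall(sql_text):
        markers.append("".join(chr(int(c)) for c in CHAR_CODE.findall(group)))
    return markers

def triage_finding(post_body, response_body):
    """Classify a scanner finding as executed SQL versus a mere echo of the input.

    The marker exists only as CHAR() codes in the request, so it can appear in
    the response only if the database evaluated the expression.  A validation
    page that re-displays the submitted value shows the raw CHAR(...) text.
    """
    decoded = unquote_plus(post_body)
    markers = decode_char_markers(decoded)
    if not markers or not PROBE_SHAPE.search(decoded):
        return "not-an-error-based-probe"
    if any(m in response_body for m in markers):
        return "marker-in-response: expression was evaluated by the database"
    return "marker-absent: input echoed or rejected, not evaluated"

# Constructed sample: the probe from the report (line wrap removed), URL-encoded
# the way a scanner would submit it, plus two constructed response bodies.
PROBE = ("'and(select 1 from(select count(*),concat((select concat(CHAR(52),CHAR(67),"
         "CHAR(117),CHAR(71),CHAR(89),CHAR(51),CHAR(119),CHAR(106),CHAR(71),CHAR(80),"
         "CHAR(48)) from information_schema.tables limit 0,1),floor(rand(0)*2))x "
         "from information_schema.tables group by x)a)and'")
POST_BODY = "User%5Bemail%5D=" + quote(PROBE, safe="")
# Validation page re-displaying the rejected value (the poster's observed behaviour).
ECHO_RESPONSE = ('<div class="errorMessage">Email is not a valid email address.</div>'
                 '<input name="User[email]" value="' + PROBE.replace("'", "&#039;") + '">')
# A leaked duplicate-key error, which is what the probe is designed to provoke.
ERROR_RESPONSE = ("SQLSTATE[23000]: Integrity constraint violation: 1062 "
                  "Duplicate entry '4CuGY3wjGP01' for key 'group_key'")

if __name__ == "__main__":
    print(decode_char_markers(PROBE))
    print(triage_finding(POST_BODY, ECHO_RESPONSE))
    print(triage_finding(POST_BODY, ERROR_RESPONSE))
```

If the marker is absent from the response, compare the request against the scanner's own claim before treating the finding as a true positive; if it is present, the database executed attacker-shaped SQL and the binding path for that field needs review.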