#13264 fixed sql injection

2024-04-23 17:01:47 +02:00 · 2024-04-23 17:01:47 +02:00 · 6d33c36cb0
parent 64013c0416
commit 6d33c36cb0
1 changed files with 1 additions and 1 deletions
--- a/pandora_console/include/functions_events.php
+++ b/pandora_console/include/functions_events.php
@ -1193,7 +1193,7 @@ function events_get_all(
                    ($key === 0) ? '' : $nexo,
                    $field,
                    $not_search,
-                    io_safe_output($filter['search'])
+                    str_replace('"', '', io_safe_output($filter['search'])),
                );
                $sql_search .= ' ';
            }