Quote:
Originally Posted by wjbrewer
The bench.php file is not correctly escaping the ' character in the URL parameter. Any SQL query should always sanitize the input before executing the query. This could potentially be a security issue. I would contact X-Cart for a patch.
Bill
Thanks, Bill. Could you tell me how to hide the advanced search link on the home page? I just wish to show the input box and search button. Thanks.
albert