@Findus23
opened this Issue on October 26th 2018
@Findus23
Specifying an offset != 0 returns the following error:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'OFFSET 2' at line 7
index.php?module=API&method=UsersManager.getUsersPlusRole&idSite=1&offset=2&format=JSON&token_auth=THETOKEN
This is not an SQL injection, but rather a constant error because of a misformed SQL query. (probably because of the fact that setting an offset doesn't make that much sense with this API).
This Issue was closed on November 26th 2018