hack a search form with SQL injections
I have been using Ivory Search version 5.5.11 in the header for a while now. But recently this error is being logged. None of these terms exist in the database.
How do I fix the problem?

[31-Aug-2025 13:04:05 UTC] WordPress database error The regular expression contains an unclosed bracket expression. for query SELECT SQL_CALC_FOUND_ROWS DISTINCT vir_posts.ID
FROM vir_posts
LEFT JOIN
(
vir_term_relationships
INNER JOIN
vir_term_taxonomy ON vir_term_taxonomy.term_taxonomy_id = vir_term_relationships.term_taxonomy_id
INNER JOIN
vir_terms ON vir_terms.term_id = vir_term_taxonomy.term_id
)
ON vir_posts.ID = vir_term_relationships.object_id
WHERE 1=1 AND vir_posts.ID NOT IN (5,6,7,8,11,38,47,49,53,62,76,1644) AND ( ((vir_posts.post_title REGEXP '\\b[[]b1232132111adcb1232132111adcb1232132111adcb1232132111adcb12321321|[[]b1232132111adcb1232132111adcb1232132111adcb1232132111adcb12321321\\b') OR (vir_posts.post_content REGEXP '\\b[[]b1232132111adcb1232132111adcb1232132111adcb1232132111adcb12321321|[[]b1232132111adcb1232132111adcb1232132111adcb1232132111adcb12321321\\b' AND vir_posts.post_password = '') OR (vir_posts.post_excerpt REGEXP '\\b[[]b1232132111adcb1232132111adcb1232132111adcb1232132111adcb12321321|[[]b1232132111adcb1232132111adcb1232132111adcb1232132111adcb12321321\\b'))) AND vir_posts.post_type IN ('download', 'page', 'post') AND ((vir_posts.post_status = 'publish' OR vir_posts.post_status = 'inherit')) OR (
vir_term_taxonomy.taxonomy IN( 'category', 'post_tag' )
AND
vir_terms.name LIKE '%[b1232132111adcb1232132111adcb1232132111adcb1232132111adcb12321321%'
AND vir_posts.post_status IN( 'publish' )
)
GROUP BY vir_posts.ID
ORDER BY vir_posts.post_title LIKE '%[b1232132111adcb1232132111adcb1232132111adcb1232132111adcb12321321%' DESC, vir_posts.post_date DESC
LIMIT 0, 6 made by require('wp-blog-header.php'), wp, WP->main, WP->query_posts, WP_Query->query, WP_Query->get_posts
[31-Aug-2025 13:46:42 UTC] WordPress database error The regular expression contains an unclosed bracket expression. for query SELECT SQL_CALC_FOUND_ROWS DISTINCT vir_posts.ID
FROM vir_posts
LEFT JOIN
(
vir_term_relationships
INNER JOIN
vir_term_taxonomy ON vir_term_taxonomy.term_taxonomy_id = vir_term_relationships.term_taxonomy_id
INNER JOIN
vir_terms ON vir_terms.term_id = vir_term_taxonomy.term_id
)
ON vir_posts.ID = vir_term_relationships.object_id
WHERE 1=1 AND vir_posts.ID NOT IN (5,6,7,8,11,38,47,49,53,62,76,1644) AND ( ((vir_posts.post_title REGEXP '\\b[[]加护|[[]加护\\b') OR (vir_posts.post_content REGEXP '\\b[[]加护|[[]加护\\b' AND vir_posts.post_password = '') OR (vir_posts.post_excerpt REGEXP '\\b[[]加护|[[]加护\\b')) AND ((vir_posts.post_title REGEXP '\\b身为老祖宗的巨乳萝莉跑来要帮我生小孩|身为老祖宗的巨乳萝莉跑来要帮我生小孩\\b') OR (vir_posts.post_content REGEXP '\\b身为老祖宗的巨乳萝莉跑来要帮我生小孩|身为老祖宗的巨乳萝莉跑来要帮我生小孩\\b' AND vir_posts.post_password = '') OR (vir_posts.post_excerpt REGEXP '\\b身为老祖宗的巨乳萝莉跑来要帮我生小孩|身为老祖宗的巨乳萝莉跑来要帮我生小孩\\b'))) AND vir_posts.post_type IN ('download', 'page', 'post') AND ((vir_posts.post_status = 'publish' OR vir_posts.post_status = 'inherit')) OR (
vir_term_taxonomy.taxonomy IN( 'category', 'post_tag' )
AND
vir_terms.name LIKE '%[加护] 身为老祖宗的巨乳萝莉跑来要帮我生小孩%'
AND vir_posts.post_status IN( 'publish' )
)
GROUP BY vir_posts.ID
ORDER BY (CASE WHEN vir_posts.post_title LIKE '%[加护] 身为老祖宗的巨乳萝莉跑来要帮我生小孩%' THEN 1 WHEN vir_posts.post_title LIKE '%[加护]%' AND vir_posts.post_title LIKE '%身为老祖宗的巨乳萝莉跑来要帮我生小孩%' THEN 2 WHEN vir_posts.post_title LIKE '%[加护]%' OR vir_posts.post_title LIKE '%身为老祖宗的巨乳萝莉跑来要帮我生小孩%' THEN 3 WHEN vir_posts.post_excerpt LIKE '%[加护] 身为老祖宗的巨乳萝莉跑来要帮我生小孩%' THEN 4 WHEN vir_posts.post_content LIKE '%[加护] 身为老祖宗的巨乳萝莉跑来要帮我生小孩%' THEN 5 ELSE 6 END), vir_posts.post_date DESC
LIMIT 0, 6 made by require('wp-blog-header.php'), wp, WP->main, WP->query_posts, WP_Query->query, WP_Query->get_posts
Viewing 3 replies - 1 through 3 (of 3 total)
The topic ‘hack a search form with SQL injections’ is closed to new replies.