BugTraq
Back to list
|
Post reply
Re: PHP BB bug
Jul 15 2004 08:04PM
micheal (at) michealcottingham (dot) com [email concealed] (micheal michealcottingham com)
Actually, I found that it doesn't matter if an SQL query is there or not.
Example:
http://www.example.com/viewtopic.php?t=12345&highlight=bug,%20*
Something like:
http://www.example.com/viewtopic.php?t=12345&highlight=bug,*
does not work however. There doesn't _appear_ to be any exploit here,
though granted I did not check this a great deal.
--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Example:
http://www.example.com/viewtopic.php?t=12345&highlight=bug,%20*
Something like:
http://www.example.com/viewtopic.php?t=12345&highlight=bug,*
does not work however. There doesn't _appear_ to be any exploit here,
though granted I did not check this a great deal.
--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .
[ reply ]