BugTraq
Back to list
|
Post reply
SQL IN Open Bulletin Board
Aug 08 2005 11:03AM
ABDUCTER_MINDS YAHOO COM
(1 replies)
Re: SQL IN Open Bulletin Board
Aug 10 2005 03:35AM
security curmudgeon (jericho attrition org)
Each of these has been previously disclosed it seems:
: discussion :- there is many sql in
: (board.php) as wwww.victim.com/openbb/board.php?FID=[sql]
2004-04-24
http://www.gulftech.org/04242004.php
: (read.php) as www.victim.com/openbb/read.php?TID=[sql]
2005-05-12
http://archives.neohapsis.com/archives/bugtraq/2005-05/0175.html
: (member.php) as www.victim.com/openbb/member.php?action=profile&UID=[sql]
2004-04-24
http://www.gulftech.org/04242004.php
I don't see any indication they were ever fixed, even though a year+ old.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Each of these has been previously disclosed it seems:
: discussion :- there is many sql in
: (board.php) as wwww.victim.com/openbb/board.php?FID=[sql]
2004-04-24
http://www.gulftech.org/04242004.php
: (read.php) as www.victim.com/openbb/read.php?TID=[sql]
2005-05-12
http://archives.neohapsis.com/archives/bugtraq/2005-05/0175.html
: (member.php) as www.victim.com/openbb/member.php?action=profile&UID=[sql]
2004-04-24
http://www.gulftech.org/04242004.php
I don't see any indication they were ever fixed, even though a year+ old.
[ reply ]