Computer Security

Security Advisory: Oxygen<=1.x.x SQL injection
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SA19453] v-creator VCEngine.php Shell Command Injection Vulnerability

  [SA19483] Groupmax World Wide Web Cross-Site Scripting Vulnerability

  MonAlbum 0.8.7 SQL Injection

  MediaSlash Gallery 'rub' variable  Remote File inlcusion Vulnerability

From:dabdoub-mosikar_(at)_moroccan-security.com <dabdoub-mosikar_(at)_moroccan-security.com>
Date:31.03.2006
Subject:Oxygen<=1.x.x SQL injection

author: DaBDouB-MoSiKaR [Moroccan Security Team]
site: www.o2php.com
greetz to : [Moroccan Security Team] CiM-TeaM and All Freinds
Solution: intval()
exemple:
http://[target]/post.php?action=newthread&fid=[sql]
inbox:DaBDouB-MoSiKaR[at]moroccan-security[dot]com

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru