RSS FullRecent Posts
- Michael Sharman - chapter31 » cfqueryparam does not work in ORDER …
- PHP-Fusion Mod triscoop_race_system (raceid) Remote SQL Injection …
- MySQL Dumper | Dropsec
- PHP Security: SQL Injection | Zend PHP 5 Certification Blog
- PHP Security: SQL Injection | Zend PHP 5 Certification Blog
Recent Comments
- luca on XSS in mysql_error()
- Jacob Tuscon on SQL Power Injector 1.2 released - TechRepublic
- MySQL Security » MySQL Security Update Fixes Restrictions Bypass and Library … on MySQL Security Update Fixes Restrictions Bypass and Library ...
xoops mylinks module - sql injection
Published by | Filed under module, xoops-mylinks, focus, bugtraq-security, module-sql, edit-me, injection, bugtraq-security-focus, sql, atom, mysql
I have found a mysql injection vulnerability in. mylinks xoops module. brokenlink.php page where. $_GET[’lid’] is not validated by intval() …
The rest is here: xoops mylinks module - sql injection
atom bugtraq security bugtraq security focus edit me focus injection module module sql mysql sql xoops […]
November 9th, 2007. Comment now »
[waraxe-2007-SA#059] - XSS in WordPress 2.3
Published by | Filed under email-post, rsd, adl, asap, permanent-link, utf, atom, xss, edit-me, edit-post, bugtraq-security-focus
“register_globals” must be “on” for this exploit to be successful. Proof of concept:. http://victim.com/wp-admin/edit-post-rows.php?posts_columns[]=alert(123);. //—–> See ya soon and have a nice day
See the rest here: [waraxe-2007-SA#059] - XSS in WordPress 2.3
adl asap atom bugtraq security focus edit me edit post email post permanent link rsd […]
October 27th, 2007. Comment now »
