myblog-sql.txt
MyBlog: PHP and MySQL Blog/CMS software suffers from SQL injection and cross-site scripting vulnerabilities.
Protect your application against SQL injections part 1
Filed under: xss, mail, security-blog-protect, lfi, tools, sql, application, blog, web, php, database
The problem of using IDs is that if they aren’t validated, bad guys and girls can spy, change or destroy your database by manipulating the SQL query. This attack is called SQL injection. An example to get the field “title” in the row with …
XSS in mysql_error()
Filed under: xss, mysql-error, websecurity-ro, sql-injection, exploit, php, javascript, mysql
Cool, now he got rid of the SQL injection. But something else happened. I did not realize this until last night when I was testing a friend’s site. I tried an SQL injection and I saw that he properly sanitized the code, …
[waraxe-2007-SA#059] - XSS in WordPress 2.3
Filed under: email-post, rsd, adl, asap, permanent-link, utf, atom, xss, edit-me, edit-post, bugtraq-security-focus
“register_globals” must be “on” for this exploit to be successful. Proof of concept: http://victim.com/wp-admin/edit-post-rows.php?posts_columns[]=alert(123); //-----> See ya soon and have a nice day
MS Access SQL Injection Cheat Sheet.
You probably know my MySQL injection cheat sheet, but you may not know that Daath released his new MS Access SQL Injection Cheat Sheet. And oh boy, it is good! Mostly because MS Access SQL injection is somewhat undervalued, …

