Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Date: 15 Dec 2004 15:28:53 -0000
From: shervin khaleghjou <oil_karchack@yahoo.com.>
To: [email protected]
Subject: iwebnegar is vulnerable to all kind of sql injections



----------------www.karchack.com----------------
----------------www.karchack.net----------------
describtion :
iwebnegar is farsi weblog software written in php 
http://iwebnegar.co.sr

---------

vulnerabilities :
all files seems to be vulnerable such as comments.php , index.php and also administrator login page
-------------

proof of concept :
for example you can use this link to inject the sql server
http://site/weblog/index.php?string=&#091;sql injection code]
----------------


www.karchack.com
www.karchack.net

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Партнёры:

Хостинг: