Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src / Print Next >>

Date: 13 Apr 2006 21:34:36 -0000
From: [email protected]
To: [email protected]
Subject: PowerClan 1.14 - SQL Injection
X-Virus-Scanned: antivirus-gw at tyumen.ru

PowerClan 1.14 - SQL Injection
--------------------------------------------------------
Software: PowerClan 1.14
Version: 1.14
Type:  SQL Injection
Date: Apr 13 23:37:50 CEST 2006
Vendor: powerscripts.org
Page: http://www.powerscripts.org
Risc: min

credits:
----------------------------
d4igoro - d4igoro[at]gmail[dot]com
http://d4igoro.blogspot.com/

vulnerability:
----------------------------
magic_quotes_gpc = off
http://[target]/member.php?pcpage=showmember&memberid=[SQL]

solution:
----------------------------
member.php
fix $memberid

notes:
----------------------------
The vendor has been informed.

<< Previous INDEX Search src / Print Next >>

Партнёры:

Хостинг: