omnistar article manager [multiples injection sql]
Date: 8 Nov 2006 22:46:44 -0000
From: [email protected]
To: [email protected]
Subject: omnistar article manager [multiples injection sql]
X-Virus-Scanned: antivirus-gw at tyumen.ru
vendor site:http://www.omnistararticle.com/
product :omnistar article manager
bug:injection sql
risk : high
path:
/articles/comments.php?article_id='[sql]
/articles/article.php?op=save&article_id='[sql]
/articles/pages.php?page_id='[sql]
laurent gaffiИ & benjamin mossИ
http://s-a-p.ca/
contact: [email protected]
