 | ||||
| << Previous | INDEX | Search | src / Print | Next >> |
| ||||
| |||||||||||||||
Date: 9 Nov 2007 11:38:55 -0000 From: [email protected] To: [email protected] Subject: xoops mylinks module - sql injection X-Virus-Scanned: antivirus-gw at tyumen.ru I have found a mysql injection vulnerability in mylinks xoops module brokenlink.php page where $_GET['lid'] is not validated by intval() or any other input validation. See: modules/mylinks/brokenlink.php?lid=1%20OR%201=2 or get an error of fetch in the page title
| |||||||||||||||
|
Закладки на сайте Проследить за страницей |
Created 1996-2025 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |