Re: SQL injection in Invision Power Board v2.1.5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: SQL injection in Invision Power Board v2.1.5
From: mattmecham@xxxxxxxxx
Date: 7 Mar 2006 10:07:28 -0000

I've tested this and cannot get SQL to execute. The "s" parameter is run past PHP's intval() which knocks off anything that's not a number.

Can you explain how you got this to work?

Prev by Date: [SECURITY] [DSA 987-1] New tar packages fix arbitrary code execution
Next by Date: IM Lock 2006 - Insecure Registry Permission Vulnerability
Previous by thread: SQL injection in Invision Power Board v2.1.5
Next by thread: Re: SQL injection in Invision Power Board v2.1.5
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux