omnistar article manager [multiples injection sql]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: omnistar article manager [multiples injection sql]
From: saps.audit@xxxxxxxxx
Date: 8 Nov 2006 22:46:44 -0000

vendor site:http://www.omnistararticle.com/
product :omnistar article manager
bug:injection sql
risk : high

path:
/articles/comments.php?article_id='[sql]
/articles/article.php?op=save&article_id='[sql]
/articles/pages.php?page_id='[sql]


laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@xxxxxxxxx

Prev by Date: Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006
Next by Date: [ MDKSA-2006:204 ] - Updated openssh packages fix vulnerability
Previous by thread: Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006
Next by thread: [ MDKSA-2006:204 ] - Updated openssh packages fix vulnerability
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux