lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: 11 Nov 2005 11:45:49 -0000 From: A.1.M@...mail.com To: bugtraq@...urityfocus.com Subject: SQL injection in phpWebThing 1.4.4 Vulnerable: phpWebThings 1.4.4 website : http://phpwebthings.org The bug in download.php ThE Exploit : http://www.target.com/download.php?file=|SQL ThE Error: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'order by date DESC' at line 1 AhLaM http://www.lezr.com/vb Best Regards ,,,