lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20051216054100.1339.qmail@securityfocus.com>
Date: 16 Dec 2005 05:41:00 -0000
From: stranger-killer@...mail.com
To: bugtraq@...urityfocus.com
Subject: phpCOIN-1.2.2-Full-2005 SQL Injection


This bug can't exploited cuz the sql injection is after [ ORDER BY ]
and then we can't do UNION SELECT with MySQL Server
if the Server is MS-SQL try to do this

0,0;[ New SQL Query ]

//------------//

File Name :- \coin_modules\articels\articles_funcs.php
Line      :- 187
Var       :- $_rec_next
Fix       :-

Line 184 Add This
$_rec_next = intval($_rec_next);
//-----------//
/home/mod.php?mod=articles&mode=list&rec_next=[SQL]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ