| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 25 May 2006 07:04:46 -0000 From: ajannhwt@...mail.com To: bugtraq@...urityfocus.com Subject: Tamber Forum <= 1.9.13 Multiple SQL Injection Vulnerabilities ENGLISH # Title : Tamber Forum <= 1.9.13 Multiple SQL Injection Vulnerabilities # Author : ajann # Exploit; SQL INJECTİON-------------------------------------------------------- ###http://[target]/[path]/show_forum.asp?frm_id=55'SQL TEXT ###http://[target]/[path]/forum_search.asp SEARCH FOR:SQL TEXT ###http://[target]/[path]/admin/index.asp Email address: SQL TEXT Password: SQLTEXT ###http://[target]/[path]/browse_forum_cat.asp?frm_cat_id=1 SQL TEXT ###post_message.asp Message Subject: SQL TEXT Message Text: SQL TEXT . .. ..... # ajann,Turkey TURKISH # Baslık : Tamber Forum <= 1.9.13 Multiple SQL Injection Vulnerabilities # Açığı Bulan : ajann # Açık bulunan dosyalar; ###http://[target]/[path]/show_forum.asp?frm_id=55'SQL SORGUNUZ ###http://[target]/[path]/forum_search.asp SEARCH FOR:SQL SORGUNUZ ###http://[target]/[path]/admin/index.asp Email address: SORGUNUZ Password: SORGUNUZ ###http://[target]/[path]/browse_forum_cat.asp?frm_cat_id=1 SQL SORGUNUZ ###post_message.asp Message Subject: SORGUNUZ Message Text: SORGUNUZ . .. ..... Acıklama: Kısacası bütün dosyalarda : ) bulunan filtrelem eksikliği nedeniyle dbden bilgi cekilebilmektedir. # ajann,Turkiye
Powered by blists - more mailing lists