[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BAY19-DAV3246B50D30EA019DE8246D95B0@phx.gbl>
Date: Sun Nov 13 03:27:55 2005
From: se_cur_ity at hotmail.com (Morning Wood)
Subject: FAO Mark Murtagh from Websense
>First you missed the comment where I fixed my typo on the thread,
>second, I thought someone of your "hacking" experience, you would have
>been able to translate that message by yourself. In any case, I made
umm, no I doubt I missed anything except your contentless dribble.
but I did notice the "error" of the web application... not only is it
vulnerable to SQL injection, it is also vuln to XSS. Possibly
you would like to enroll in a Zone-H Hands on Hacking Seminar
so you too might be able to understand them too, instead of filling this
list with your paranoid, meglomanic rants.
http://www.biosmagazine.co.uk/op.php?id=314;ok<br>omg<br><b>n3td3v</b>%20rox<br>%20<br>
http://www.nccgroup.com/events/index.aspx
>On 11/13/05, Morning Wood <se_cur_ity@...mail.com> wrote:
> Content Query has failed - SELECT
> opinion.body,opinion.author,opinion.auth_title,opinion.auth_comp,
>
opinion.ptime,opinion.headline,opinion.category,opinion.active,opinion.forum
> , prod_type.name as prod_type, prod_type.id as prod_type_id FROM opinion,
> prod_type WHERE opinion.id = 314\\ AND opinion.active = 1 AND
opinion.ptime
> < 1131846681 AND opinion.category = prod_type.id
>
> sweet!
>
Powered by blists - more mailing lists