Bugtraq mailing list archives
Re: Re: [Aria-Security Team] uGestBook SQL Injection Vuln
From: saps.audit () gmail com
Date: 5 Dec 2006 21:29:44 -0000
well actually there no injection sql in the var : -page -block it's just an error for type mismatch ... ( Microsoft VBScript runtime error '800a000d' Type mismatch: '[string: "query_blabla"]' i think those guys ( aria ) doesn't understand the difference between an error sql and a injection sql... wich i found funny for a security team ;P
Current thread:
- [Aria-Security Team] uGestBook SQL Injection Vuln Advisory (Dec 04)
- <Possible follow-ups>
- Re: [Aria-Security Team] uGestBook SQL Injection Vuln Stuart Moore (Dec 05)
- Re: Re: [Aria-Security Team] uGestBook SQL Injection Vuln saps . audit (Dec 05)