Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

www.Demolay.org - full disclosure sql injection vulnerability

From: Malice Anonymous <malice.anon () gmail com>
Date: Thu, 8 Apr 2010 14:15:49 -0400
Vulnerable URL
/d_wnl_ads/?did=14&dc=1&gid=28

Users:
demolaymain
demolaystore
phpmyadmin
root

Tables from DEMOLAY database

ADVISOR_TYPE......WORK_GROUP_PERMISSION (75 tables)

This ought to be fixed, SWIM tells me there's tons of personal stuff in
these tables.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: