Full Disclosure mailing list archives
www.Demolay.org - full disclosure sql injection vulnerability
From: Malice Anonymous <malice.anon () gmail com>
Date: Thu, 8 Apr 2010 14:15:49 -0400
Vulnerable URL /d_wnl_ads/?did=14&dc=1&gid=28 Users: demolaymain demolaystore phpmyadmin root Tables from DEMOLAY database ADVISOR_TYPE......WORK_GROUP_PERMISSION (75 tables) This ought to be fixed, SWIM tells me there's tons of personal stuff in these tables.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- www.Demolay.org - full disclosure sql injection vulnerability Malice Anonymous (Apr 08)