magic_quotes

[Wojciech Pawlikowski <wojtek () vline pl>]

Hey,
I'm doing penetration test for some company using OSSTMM methodology.
During information gathering stage I've found some SQL injection bug
in their webapp. All I know is they've got some Oracle DB and Linux
webserver with mod_php4 module.
 
My problem is perhaps well known - is there any possibility to bypass
magic_quotes protection ? PHP is 4.3.2, but I don't remember any
vulnerability regarding magic_quotes in this version.

-- 
* Wojciech Pawlikowski :: <ducer at hard-core pl> :: NIC-HDL WP5161-RIPE *
* http://ducer.w00nf.org :: http://www.knockdownhc.com ::  Born to Hate  *