Full Disclosure mailing list archives

Re: Indianapolis Superbowl 2012 - SQL Injection Vulnerabilities

From: Julius Kivimäki <julius.kivimaki () gmail com>
Date: Fri, 10 Feb 2012 14:56:01 +0200

http://www.indianapolissuperbowl.com/view-release.php?id=42

2012/2/10 research () vulnerability-lab com <research () vulnerability-lab com>

Title:
======
Indianapolis Superbowl 2012 - SQL Injection Vulnerabilities


Date:
=====
2012-02-06



VL-ID:
=====
418


Abstract:
=========
Alexander Fuchs discovered 2 remote SQL Injection Vulnerabilities on the
official website of Indianapolis Superbowl 2012 (US).


Status:
========
Verified by Laboratory


Severity:
=========
High


Disclaimer:
===========
The information provided in this advisory is provided as it is without any
warranty. Vulnerability-Lab disclaims all warranties,
either expressed or implied, including the warranties of merchantability
and capability for a particular purpose. Vulnerability-
Lab or its suppliers are not liable in any case of damage, including
direct, indirect, incidental, consequential loss of business
profits or special damages, even if Vulnerability-Lab or its suppliers
have been advised of the possibility of such damages. Some
states do not allow the exclusion or limitation of liability for
consequential or incidental damages so the foregoing limitation
may not apply. Any modified copy or reproduction, including partially
usages, of this file requires authorization from Vulnerability-
Lab. Permission to electronically redistribute this alert in its
unmodified form is granted. All other rights, including the use of
other media, are reserved by Vulnerability-Lab or its suppliers.

                                               Copyright ©
2012|Vulnerability-Lab


--
Website: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.com
Contact: admin () vulnerability-lab com or support () vulnerability-lab com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Indianapolis Superbowl 2012 - SQL Injection Vulnerabilities research () vulnerability-lab com (Feb 10)
- Re: Indianapolis Superbowl 2012 - SQL Injection Vulnerabilities Julius Kivimäki (Feb 10)