Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Re: [Aria-Security Team] uGestBook SQL Injection Vuln
From: saps.audit () gmail com
Date: 5 Dec 2006 21:29:44 -0000

well actually there no injection sql in the var :

it's just an error for type mismatch ... 
( Microsoft VBScript runtime  error '800a000d'
Type mismatch: '[string: "query_blabla"]'  

i think those guys ( aria ) doesn't understand the difference between an error sql and a injection sql... 
wich i found funny for a security team ;P


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]