Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Invision Power Board "v1.X & 2.X" SQL Injection
From: mattmecham () gmail com
Date: 10 Jul 2006 09:55:27 -0000

Note, none of these 'exploits' have any chance of working.

The CODE attribute is never present in an SQL query - it's only used in a switch statement to direct incoming 'traffic' 
to the correct function within a class.

Further more 'act' parameters: 'ketqua' and file 'coin_list.php' are not standard IPB 2.x features and must be third 
party modifications that IPS does not distrubute, endorse or support.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]