Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos network security services platform

Bugtraq: Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php

Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php

From: <martin.meredith_at_vbulletin.com>
Date: 21 May 2008 09:16:20 -0000

('binary' encoding is not supported, stored as-is) This is invalid. the variable q is taken, split into words, and then each word is escaped for usage within the DB.

Once again, this is invalid
Received on May 21 2008

This message: [ Message body ]
Next message: security_at_mandriva.com: "[ MDVSA-2008:105 ] - Updated kernel packages fix vulnerabilities"
Previous message: CORE Security Technologies: "CORE-2008-0415: Borland Interbase 2007 Integer Overflow"
Maybe in reply to: a.jasbi_at_yahoo.com: "Vbulletin 3.7.0 Gold >> Sql injection on faq.php"
Next in thread: Matias Blanco: "Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php"
Reply: Matias Blanco: "Re: Vbulletin 3.7.0 Gold >> Sql injection on faq.php"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]