[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    DBoardGear SQL Injection
From:       almaster () hotmail ! com
Date:       2005-10-24 13:49:32
Message-ID: 20051024134932.21670.qmail () securityfocus ! com
[Download RAW message or body]

DboardGear ..
Search By Google :-
by DboardGear

Gr33tz :-
         aLMaSTeR HaCKeR .. SQL Injection's FOunder   - | almaster@hotmail.com|-
         Security4Arab .. A'Where Home .. 

1- SQL Injection in buddy.php
http://www.site.com/dboard/buddy.php?action=add&buddy=|aLMaSTeR

2-SQL Injection in u2a.php
http://www.site.com/dboard/u2u.php?action=view&u2uid=|aLMaSTeR

Error:
You have an error in your SQL syntax near '' at line 1
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic