Foren / Cotonti / Bugs / Search SQL injection

Exploit

badc0re
#30752 18. September 2011, 21:36

Members

#30749 esclkm:

but where was injection??? this field has ALP filter - which filter only [A-Za-z0-z_] try to inject

 

Added 2 minutes later:

Well the search is vulnerable. Try it by yourself.

Maybe it's not exploitable but it could lead to information extraction.

Dieser Beitrag wurde von badc0re (am 18. September 2011, 21:46, vor 13 Jahre) bearbeitet