Форуми / Cotonti / Bugs / Search SQL injection

Exploit

badc0re
#30752 18.09.2011 21:36

Members

#30749 esclkm:

but where was injection??? this field has ALP filter - which filter only [A-Za-z0-z_] try to inject

 

Added 2 minutes later:

Well the search is vulnerable. Try it by yourself.

Maybe it's not exploitable but it could lead to information extraction.

Відредаговано: badc0re (18.09.2011 21:46, 13 років тому)