Re: PHP BB bug

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: PHP BB bug
From: "micheal@xxxxxxxxxxxxxxxxxxxxx" <micheal@xxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 15 Jul 2004 16:04:21 -0400
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: webmaster@xxxxxxxxxxxxxxxxxxxxx

Actually, I found that it doesn't matter if an SQL query is there or not.

Example:

http://www.example.com/viewtopic.php?t=12345&highlight=bug,%20*

Something like:

http://www.example.com/viewtopic.php?t=12345&highlight=bug,*

does not work however. There doesn't _appear_ to be any exploit here,
though granted I did not check this a great deal.



--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .

Prev by Date: RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC
Next by Date: [waraxe-2004-SA#034 - XSS and path full path disclosure in PhpBB 2.0.8]
Previous by thread: Re: PHP BB bug
Next by thread: Re: PHP BB bug
Index(es):
- Date
- Thread