Re: SQL IN Open Bulletin Board
Each of these has been previously disclosed it seems:
: discussion :- there is many sql in
: (board.php) as
wwww.victim.com/openbb/board.php?FID=[sql]
2004-04-24
http://www.gulftech.org/04242004.php
: (read.php) as
www.victim.com/openbb/read.php?TID=[sql]
2005-05-12
http://archives.neohapsis.com/archives/bugtraq/2005-05/0175.html
: (member.php) as
www.victim.com/openbb/member.php?action=profile&UID=[sql]
2004-04-24
http://www.gulftech.org/04242004.php
I don't see any indication they were ever fixed, even though a year+ old.