Bugtraq mailing list archives
Re: SQL IN PortailPHP
From: "Steven M. Christey" <coley () mitre org>
Date: Sun, 7 Aug 2005 17:59:04 -0400 (EDT)
Vulnerable: PortailPHP 2.4 and all version
According to the vendor web site, the most recent version of PortailPHP is 1.3, released in October 2004. Was this a typo? Other reports for SQL injection in an "id" parameter for 1.3 were publicly made by CENSORED on May 21, 2005, but those reports were for other modules (News, File, Liens, and Faq). A casual source code inspection of version 1.3 suggests that these are distinct bugs. - Steve
Current thread:
- SQL IN PortailPHP ABDUCTER_MINDS (Aug 04)
- <Possible follow-ups>
- Re: SQL IN PortailPHP Steven M. Christey (Aug 08)