Bugtraq mailing list archives

Re: jara 1.6 sql injection vulnerability

From: Henri Salo <henri () nerv fi>
Date: Tue, 25 Oct 2011 08:40:34 +0300

On Sun, Oct 23, 2011 at 01:06:07AM +0200, muuratsalo experimental hack lab wrote:

jara 1.6 sql injection vulnerability

download  http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip

author      muuratsalo
contact     muuratsalo[at]gmail.com

exploit
http://localhost/jara/view.php?id=[SQL Injection]


Has this been fixed? What was vendor reply?

Best regards,
Henri Salo

Current thread:

jara 1.6 sql injection vulnerability muuratsalo experimental hack lab (Oct 24)
- Re: jara 1.6 sql injection vulnerability Henri Salo (Oct 25)
- Re: jara 1.6 sql injection vulnerability Henri Salo (Oct 28)