OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: SQL injection in Invision Power Board v2.1.5

mattmechamgmail.com
Date: Tue Mar 07 2006 - 04:07:28 CST


I've tested this and cannot get SQL to execute. The "s" parameter is run past PHP's intval() which knocks off anything that's not a number.

Can you explain how you got this to work?