|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Invision Power Board "v1.X & 2.X" SQL Injection
mattmecham
gmail.com
Date: Mon Jul 10 2006 - 04:55:27 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Note, none of these 'exploits' have any chance of working.
The CODE attribute is never present in an SQL query - it's only used in a switch statement to direct incoming 'traffic' to the correct function within a class.
Further more 'act' parameters: 'ketqua' and file 'coin_list.php' are not standard IPB 2.x features and must be third party modifications that IPS does not distrubute, endorse or support.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]