Chi Kien Uong
Geranienstraße 30
71034 Böblingen
Deutschland / Germany
|
If you are not registered or logged in, you may still use these forums but with limited features.
Show recent topics
|
|
|
Author |
Message |
23/04/2004 14:12:56
|
Jam'n
Graduate
Joined: 07/01/2003 17:31:39
Messages: 166
Location: Netherlands
Offline
|
I found out that Advanced Guestbook 2.2 appears vulnerable to SQL Injection granting the attacker administrator access. The attack is very simple and consists of inputting a special password string leaving the username entry blank:
So I suggest you upgrade to the latest version.
|
Jam'n
------------------------------------------------
Only the man who's truly educated
understands that he knows very little...
------------------------------------------------ |
|
|
|
|
|
Based on the open source JForum
|