|
Chi Kien Uong
Geranienstraße 30
71034 Böblingen
Deutschland / Germany
|
If you are not registered or logged in, you may still use these forums but with limited features.
Show recent topics
|
|
|
| Author |
Message |
![[Post New]](/forum/templates/html/images/icon_minipost_new.gif) 23/04/2004 14:12:56
|
Jam'n
Graduate
![[Avatar]](/forum/images/avatar/9851679603ed7b6d3d2c7f.gif)
Joined: 07/01/2003 17:31:39
Messages: 166
Location: Netherlands
Offline
|
I found out that Advanced Guestbook 2.2 appears vulnerable to SQL Injection granting the attacker administrator access. The attack is very simple and consists of inputting a special password string leaving the username entry blank:
So I suggest you upgrade to the latest version.
|
Jam'n
------------------------------------------------
Only the man who's truly educated
understands that he knows very little...
------------------------------------------------ |
|
|
|
|
|
|
|
|
Based on the open source JForum
|
![[Search]](/forum/templates/html/images/icon_mini_search.gif){kind=icon}
![[Hottest Topics]](/forum/templates/html/images/icon_mini_recentTopics.gif){kind=icon}
![[Members]](/forum/templates/html/images/icon_mini_members.gif){kind=icon}
![[FAQ]](/forum/templates/html/images/icon_mini_faq.gif){kind=icon}
![[Register]](/forum/templates/html/images/icon_mini_register.gif){kind=icon}
Register![[Login]](/forum/templates/html/images/icon_mini_login.gif){kind=icon}
Login
![[Up]](/forum/templates/html/images/icon_up.gif){kind=icon}
![[WWW]](/forum/templates/html/images/icon_www.gif){kind=icon}