Re: PHP BB bug

micheal_at_michealcottingham.com
Date: 07/15/04

  • Next message: Charles Otstot: "Re: Microsoft and Security"
    To: bugtraq@securityfocus.com
    Date: Thu, 15 Jul 2004 16:04:21 -0400
    
    

    Actually, I found that it doesn't matter if an SQL query is there or not.

    Example:

    http://www.example.com/viewtopic.php?t=12345&highlight=bug,%20*

    Something like:

    http://www.example.com/viewtopic.php?t=12345&highlight=bug,*

    does not work however. There doesn't _appear_ to be any exploit here,
    though granted I did not check this a great deal.

    --------------------------------------------------------------------
    mail2web - Check your email from the web at
    http://mail2web.com/ .


  • Next message: Charles Otstot: "Re: Microsoft and Security"