[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: phpGiftReq SQL Injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: phpGiftReq SQL Injection
From: Ryan Walberg <generalpf@xxxxxxxxx>
Date: 7 Mar 2005 18:23:38 -0000

In-Reply-To: <41EAA8C8.6050600@xxxxxxxxx>

>phpGiftReq doesn't validate the parameters. This allows SQL Injection
>and modification of data in the database.
>
>This vulnerability has been tested with phpGiftReq 1.4.0

Fixed these flaws and many others in 1.5.0b1.

Prev by Date: drone armies C&C report - Feb/2005
Next by Date: See-security advisory: Trillian Basic 3.0 PNG Processing Buffer overflow
Previous by thread: drone armies C&C report - Feb/2005
Next by thread: See-security advisory: Trillian Basic 3.0 PNG Processing Buffer overflow
Index(es):
- Date
- Thread