[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re: Invision Gallery 2.0.6 ( SQL Injection )

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Re: Invision Gallery 2.0.6 ( SQL Injection )
From: an0n@xxxxxxxx
Date: 5 May 2006 16:43:18 -0000

I checked this yesterday night. The pass_hash is well retrieved, but modifying 
the pass_hash and the user id in the cookies (thanks to BurpSuite) does not 
affect the behaviour of the server... I might have done something wrong...

Prev by Date: Intel wireless service s24evmon.exe confidential information disclosure.
Next by Date: phpBB 2.0.20 Full Path Disclosure and SQL Errors
Previous by thread: Re: Invision Gallery 2.0.6 ( SQL Injection )
Next by thread: Oracle, where are the patches???
Index(es):
- Date
- Thread