[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RaceEventManagement <--v0.7.6 SQL injection & XSS

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: RaceEventManagement <--v0.7.6 SQL injection & XSS
From: Mster-X@xxxxxxxxxxx
Date: 20 May 2006 10:20:40 -0000

============================
Discovery By: Mr-X
Site: www.alshmokh.com
E-mail: Mster-X@xxxxxxxxxxx
===========================

Example:
/nennung.php?pid=[SQL]
/nennung.php?pid=[XSS]

Prev by Date: Interlink "news_information.php" XSS
Next by Date: Xtremescripts Topsites v1.1
Previous by thread: Interlink "news_information.php" XSS
Next by thread: Xtremescripts Topsites v1.1
Index(es):
- Date
- Thread