[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: jara 1.6 sql injection vulnerability

To: muuratsalo experimental hack lab <muuratsalo@xxxxxxxxx>
Subject: Re: jara 1.6 sql injection vulnerability
From: Henri Salo <henri@xxxxxxx>
Date: Tue, 25 Oct 2011 08:40:34 +0300

On Sun, Oct 23, 2011 at 01:06:07AM +0200, muuratsalo experimental hack lab 
wrote:
> jara 1.6 sql injection vulnerability
> 
> download  http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip
> 
> author      muuratsalo
> contact     muuratsalo[at]gmail.com
> 
> exploit
> http://localhost/jara/view.php?id=[SQL Injection]

Has this been fixed? What was vendor reply?

Best regards,
Henri Salo

References:
- jara 1.6 sql injection vulnerability
  - From: muuratsalo experimental hack lab

Prev by Date: [ GLSA 201110-19 ] X.Org X Server: Multiple vulnerabilities
Next by Date: [ GLSA 201110-23 ] Apache mod_authnz_external: SQL injection
Previous by thread: jara 1.6 sql injection vulnerability
Next by thread: Re: jara 1.6 sql injection vulnerability
Index(es):
- Date
- Thread