Re: jara 1.6 sql injection vulnerability

[Henri Salo <henri@xxxxxxx>]

On Sun, Oct 23, 2011 at 01:06:07AM +0200, muuratsalo experimental hack lab 
wrote:
> jara 1.6 sql injection vulnerability
> 
> download  http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip
> 
> author      muuratsalo
> contact     muuratsalo[at]gmail.com
> 
> exploit
> http://localhost/jara/view.php?id=[SQL Injection]

Still not fixed. Tried to contact vendor via email (as did muuratsalo) without 
any luck.

http://sourceforge.net/tracker/?func=detail&aid=3428075&group_id=294500&atid=1243901

Best regards,
Henri Salo