>First you missed the comment where I fixed my typo on the thread, >second, I thought someone of your "hacking" experience, you would have >been able to translate that message by yourself. In any case, I made
umm, no I doubt I missed anything except your contentless dribble. but I did notice the "error" of the web application... not only is it vulnerable to SQL injection, it is also vuln to XSS. Possibly you would like to enroll in a Zone-H Hands on Hacking Seminar so you too might be able to understand them too, instead of filling this list with your paranoid, meglomanic rants. http://www.biosmagazine.co.uk/op.php?id=314;ok<br>omg<br><b>n3td3v</b>%20rox<br>%20<br> http://www.nccgroup.com/events/index.aspx >On 11/13/05, Morning Wood <[EMAIL PROTECTED]> wrote: > Content Query has failed - SELECT > opinion.body,opinion.author,opinion.auth_title,opinion.auth_comp, > opinion.ptime,opinion.headline,opinion.category,opinion.active,opinion.forum > , prod_type.name as prod_type, prod_type.id as prod_type_id FROM opinion, > prod_type WHERE opinion.id = 314\\ AND opinion.active = 1 AND opinion.ptime > < 1131846681 AND opinion.category = prod_type.id > > sweet! > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
