prev · 26.05.2008 · next 
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 | |
Ablespace 1.0 'cat_id' Parameter SQL Injection Vulnerability
( 192 days 10 hours ago)
By : s3rv3rhack3r (Ali Jasbi) Vendor : abk-soft.com Name : ablespace version : All Version Risk : Very high advcat.php >>> if(!empty($GET['catid'])){ $str = ''; DB::query("select * from advcats where id=".tosql(getparam('catid'),"Number")); You can exploit this vulnerability like this : =[sql inection]
