waxor Posted November 5, 2011 Report Share Posted November 5, 2011 (edited) Level : Very EasyV!ctim : WFDF :: World Flying Disc Federation Home PageTarget : ImageShack® - Online Photo and Video HostingFinally :MateiDeDuady_adam Edited December 22, 2011 by waxor Quote Link to comment Share on other sites More sharing options...
Matei Posted December 13, 2011 Report Share Posted December 13, 2011 imm.io - www.wfdf.org - WFDF :: World Flying Disc Federation Home Page Quote Link to comment Share on other sites More sharing options...
totti93 Posted December 15, 2011 Report Share Posted December 15, 2011 @Matei Am crezut ca au rezolvat vulnerabilitatea, ca am vazut datele din db selectate din query-ul scris de ei... Cand faci asa, pune o valoare care nu exista in table... Ex: "id=-1", sau "id=1 and null" Quote Link to comment Share on other sites More sharing options...
waxor Posted December 18, 2011 Author Report Share Posted December 18, 2011 Yes! Quote Link to comment Share on other sites More sharing options...
Matei Posted December 18, 2011 Report Share Posted December 18, 2011 @Matei Am crezut ca au rezolvat vulnerabilitatea, ca am vazut datele din db selectate din query-ul scris de ei... Cand faci asa, pune o valoare care nu exista in table... Ex: "id=-1", sau "id=1 and null"Oki doki. Got it now ! Quote Link to comment Share on other sites More sharing options...
pr00f Posted December 20, 2011 Report Share Posted December 20, 2011 WFDF :: World Flying Disc Federation Home Pagee bine?Este bine, îns? pune o valoare precum sport_id=-1, care nu se afl? în tabela respectiv?, precum a spus ?i totti93. Nu de alta, dar arat? ?i mai frumos. Quote Link to comment Share on other sites More sharing options...