Incepat0r Posted January 10, 2012 Report Share Posted January 10, 2012 Dupa ce am "testat" search-ul la un site a aparut un XSS iar dupa ce i-am dat "ok" a aparut urmatoarea eroare. Este prima oara cand intalnesc asa ceva si poate ma ajutati cu unelel lamuriri.A Database Error OccurredError Number: 1064You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'a')%' GROUP BY girls_id ORDER BY girls_1hour ASC LIMIT 30 OFFSET 0' at line 1SELECT * FROM girls LEFT JOIN cities ON girls.fk_cities = cities.cities_id LEFT JOIN rel_girls_services ON girls.girls_id = rel_girls_services.fk_girls LEFT JOIN rel_girls_availabilities ON girls.girls_id = rel_girls_availabilities.fk_girls WHERE girls_status = 'active' AND cities_name LIKE '%%' GROUP BY girls_id ORDER BY girls_1hour ASC LIMIT 30 OFFSET 0Filename: /usr/home/...Line Number: 1013 Quote Link to comment Share on other sites More sharing options...
Moderators Dragos Posted January 10, 2012 Moderators Report Share Posted January 10, 2012 Se pare ca site-ul e vulnerabil la SQL Injection. Quote Link to comment Share on other sites More sharing options...
AhEaD Posted January 10, 2012 Report Share Posted January 10, 2012 havijjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj ))))) Quote Link to comment Share on other sites More sharing options...
Nokia94 Posted January 10, 2012 Report Share Posted January 10, 2012 havijjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj )))))Da da mai taie din ele da-le ... Quote Link to comment Share on other sites More sharing options...
