Bugtraq mailing list archives
Re: phpGiftReq SQL Injection
From: Ryan Walberg <generalpf () yahoo com>
Date: 7 Mar 2005 18:23:38 -0000
In-Reply-To: <41EAA8C8.6050600 () iname com>
phpGiftReq doesn't validate the parameters. This allows SQL Injection and modification of data in the database. This vulnerability has been tested with phpGiftReq 1.4.0
Fixed these flaws and many others in 1.5.0b1.
Current thread:
- Re: phpGiftReq SQL Injection Ryan Walberg (Mar 07)