Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: phpGiftReq SQL Injection

From: Ryan Walberg <generalpf () yahoo com>
Date: 7 Mar 2005 18:23:38 -0000
In-Reply-To: <41EAA8C8.6050600 () iname com>


phpGiftReq doesn't validate the parameters. This allows SQL Injection
and modification of data in the database.

This vulnerability has been tested with phpGiftReq 1.4.0


Fixed these flaws and many others in 1.5.0b1.
Previous By Date Next
Previous By Thread Next

Current thread: