Contact us now
+38 (095) 7990080

Vulnerable resources – digest part 1 – 15.01.2016

January 15, 2016 - Posted by: - In category: Security audit - No responses

List of vulnerable resources – part 1

bug

  • 303gallery.com

    Vulnerable argument ‘exhid‘ in GET http://303gallery.com/index.php?exhid=411&p=images

    unable to obtain exhibition list from database: you have an error in your sql syntax; check the manual that corresponds to your mysql server version for the right syntax to use near '",[--' and exh_ar...

    Vulnerable argument ‘iid‘ in GET http://303gallery.com/index.php?iid=1216833&exhid=411&p=img

    error retrieving work inventory from database error: you have an error in your sql syntax; check the manual that corresponds to your mysql server version for the right syntax to u...

  • foodhubkohala.org

    Vulnerable argument ‘share‘ in GET http://foodhubkohala.org/eb/?share=twitter

    php error [256] (sql) (2002) no such file or directory
 fatal error called by line 32 in file /home/foodhubkohala/fo...

  • arkansased.org

    Vulnerable argument ‘page‘ in GET http://arkansased.org/faqs?page=5

    redbean_exception_sqldescriptionsqlstate[42000]: syntax error or access violation: 1064 you have an error in your sql syntax...

  • adfaber.org

    Vulnerable argument ‘attachment_id‘ in GET http://adfaber.org/?attachment_id=1195

    experienta in sql/database: mysql
 e un plus daca ai:
 experienta cu mvc frameworks (laravel, zend, symfony, codei

  • designobserver.com

    Vulnerable argument ‘id‘ in GET http://designobserver.com/profile.php?id=17125

    Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND profile_follow.followid = profile.id GROUP BY profile.id ORDER BY lastname' at line 1Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND profile.signupid = comments.signupid AND articles.id = comments.featureid GR' at line 1Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

  • margaretbergart.com

    Vulnerable argument ‘section‘ in GET http://margaretbergart.com/portfolio.php?section=6

    you have an error in your sql syntax; check the manual that corresponds to your mysql server version for the right syntax to use near ')(,.",'",[-- order by list_order limit 1' at line 1

    Vulnerable argument ‘artid‘ in GET http://margaretbergart.com/portfolio.php?section=6&artid=323

    you have an error in your sql syntax; check the manual that corresponds to your mysql server version for the right syntax to use near '",[--'' at line 1

Tags: , , ,