At 2004-03-25T22:14:48Z, [EMAIL PROTECTED] writes:
> <html>
> <body>
> <?php
> $db = mysql_connect("localhost", "root");
> mysql_select_db("dtrackLog",$db);
> if ($submit) {
> if ($ExID) {
> $sql = "UPDATE TL_Exploit SET
> LogID='$LogID',OfficialName='$OfficialName',BugTraqID='$BugTraqID',PublishedDate='$PublishedDate',Type='$Type',Range='$Range',Damage='$Damage',OnlineReferences='$OnlineReferences',
> SoftwareAffected='$SoftwareAffected',NotVulnerable='$NotVulnerable',Symptoms='$Symptoms',HowTo='$HowTo',ObjectAffected='$ObjectAffected',Discussion='$Discussion',Credits='$Credits',WHERE
> ExID=$ExID";You're relying on a major security flaw in PHP (injecting GET/POST data into the global namespace) for functionality. Also, your database queries are incredibly dangerous; google for "SQL injection" for more information. Basically, I could 0wn your website in about 5 minutes, and so could anyone else so motivated. I suggest you take this offline immediately until it can be fixed. -- Kirk Strauser In Googlis non est, ergo non est.
pgp00000.pgp
Description: PGP signature
