Re: [Full-disclosure] SANS PHP Port Scanner Remote Code Execution

2013-03-05 Thread Fayyaz Ali
$host = $_POST['ip'];
system("ping $host");


On Wed, Mar 6, 2013 at 5:46 AM, laurent gaffie wrote:

> http://resources.infosecinstitute.com/php-build-your-own-mini-port-scanner/
>
> Finding the vulnerability in this code is left as an exercise to the
> reader.
>
> PS: "Your comment will be awaiting moderation forever."
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
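
A hardened counterpart to the two lines quoted in the reply above, as an added example that is not part of the original post or the linked article. The function names, the IPv4-only restriction and the Unix-style "-c 4" ping option are assumptions made for illustration; PHP 7.1 or later is assumed.

```php
<?php
// Added example, not code from the post or the linked article.
// validate_target() and ping_target() are hypothetical names.

/** Return the address if $input is a literal IPv4 address, otherwise null. */
function validate_target(string $input): ?string
{
    // Hostnames, spaces and shell metacharacters all fail this filter,
    // so nothing but digits and dots can reach the command line.
    $ip = filter_var($input, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);
    return $ip === false ? null : $ip;
}

/** Ping an already validated address; returns [exit status, output lines]. */
function ping_target(string $ip): array
{
    // escapeshellarg() is defence in depth: the validated value is harmless,
    // but quoting keeps the call safe if the validation is ever loosened.
    $cmd = 'ping -c 4 ' . escapeshellarg($ip) . ' 2>&1';
    exec($cmd, $output, $status);
    return [$status, $output];
}

// Constructed sample inputs: one plain address and two that must be rejected.
$samples = ['127.0.0.1', '127.0.0.1; id', 'example.test'];
foreach ($samples as $raw) {
    $ip = validate_target($raw);
    printf("%-18s => %s\n", json_encode($raw), $ip ?? 'rejected');
}

// In the web handler, the two lines from the post would become:
//   $raw = $_POST['ip'] ?? '';
//   $ip  = is_string($raw) ? validate_target($raw) : null;
//   if ($ip === null) { http_response_code(400); exit('invalid address'); }
//   [$status, $lines] = ping_target($ip);
```

The loop only exercises the validation step, so running the file from the command line sends no traffic.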

[Full-disclosure] sql query displaying on error

2013-01-23 Thread Fayyaz Ali
http://demo.demolink.biz/index.php?option=com_content&view=article&id=94&Itemid=236

Table './demolink_ccdemo/are1s_session' is marked as crashed and should be
repaired SQL=INSERT INTO `are1s_session` (`session_id`, `client_id`,
`time`) VALUES ('526944509a863ca28cd0dd7763eb1e3e', 0, '1358966730')