Anthill query.php bug Variable SQL Injection

2006-06-24T14:19:02
ID OSVDB:26854
Type osvdb
Reporter r0t(krustevs@googlemail.com)
Modified 2006-06-24T14:19:02

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.

References:

Vendor URL: http://anthill.vmlinuz.ca/ Secunia Advisory ID:20838 Related OSVDB ID: 26853 Other Advisory URL: http://pridels.blogspot.com/2006/06/anthill-sql-injection-vuln.html FrSIRT Advisory: ADV-2006-2529 CVE-2006-3244 Bugtraq ID: 18661