mdpro-sql.txt

2007-01-30T00:00:00
ID PACKETSTORM:54082
Type packetstorm
Reporter adexior
Modified 2007-01-30T00:00:00

Description

                                        
                                            `From: adexior@gmail.com  
To: bugtraq@securityfocus.com  
Subject: MDPro 1.0.76 - Multiple Remote Vulnerabilities  
  
_____SQL Injection:  
  
index.php?module=News&startrow='[sql injection]  
  
  
_____Show path to script:  
  
user.php?op=userinfo&uname='  
  
`