humo-sql.txt

2008-07-29T00:00:00
ID PACKETSTORM:68596
Type packetstorm
Reporter Tosser
Modified 2008-07-29T00:00:00

Description

                                        
                                            `# Title: humo.be SQL Injection vuln  
  
# Description: The site www.humo.be (a Belgian magazine) has a page where people can vote on various things.  
This page, however, has an SQL Injection vulnerability.  
  
# Author: Tosser  
  
# E-mail: ht7015@gmail.com  
  
# Proof: http://www.humo.be/cps/rde/xchg/humo/hs.xsl/word_rockster_overview.html?id=19068+or+1=1  
This will list all the items in the database. The database has A LOT of items in it, so  
you might not want to do this too often in order to avoid dossing something...  
`