wheatblog-rfi.txt

Found by E.Minaev [email protected] ITDefence.ru 1 SQL Injection in login function. With help of this injection is possible to make per-symbol brute of tables names of blog's database magicquotesgpc should be tured off. ------------------------------------------ "$sql = "select from $tblUse...