mysql_error() XSS Vulnerability

不正确使用mysqlerror导致的Vul。当然前提是$db可以覆盖，那么就很鸡肋了，或者就不能叫Vul了，O∩∩OJust For Fun mysqlerror http://hi.baidu.com/menzhi007/blog/item/7583dc0390316d7d3912bbbf.html ?php $db='menzhi007'; extract$GET; $link = mysqlconnect"localhost", "root", ""; mysqlselectdb$db, $link; echo mysqlerror$link; ?...

CVE-2006-0097

Stack-based buffer overflow in the createnamedpipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long 1 arghost or 2 argunixsocket argument, as demonstrated by a long named pipe variable in the host argument to the...