GetMyOwnArcade Search.PHP SQL注入漏洞

GetMyOwnArcade是一款基于PHP的WEB应用程序。 GetMyOwnArcade不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息或操作数据库。 问题是'Search.PHP'脚本对用户提交的'$query'参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息，或者操作数据库。 GetMyOwnArcade 目前没有解决方案提供： http://www.getmyownarcade.com/ GetMyOwnArcade search.php $query SQL-Injection Discovered By:...

GetMyOwnArcade (search.php query) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================================== GetMyOwnArcade search.php query Remote SQL Injection Vulnerability ==================================================================== GetMyOwnArcade search.php $query...

GetMyOwnArcade (search.php query) Remote SQL Injection Vulnerability

No description provided by source. GetMyOwnArcade search.php $query SQL-Injection Discovered By: RoXur777 August 11th 2007 Google-Dork: "Powered by GetMyOwnArcade" / $query is not being filtered before getting passed to a query. Therefore, we can inject SQL code into the SQL-Query. Using...

GetMyOwnArcade - 'search.php?query' SQL Injection

GetMyOwnArcade search.php $query SQL-Injection Discovered By: RoXur777 August 11th 2007 Google-Dork: "Powered by GetMyOwnArcade" / $query is not being filtered before getting passed to a query. Therefore, we can inject SQL code into the SQL-Query. Using UNION-SELECT we can obtain member...