pg-sql.txt

!/usr/bin/php -q -d shortopentag=on setvar"COMMENTID", ""; if $GET"editcomment" "" $sql = "SELECT FROM " . $dbprefix . "comments WHERE commentid = " . dbSecure$GET"editcomment"; $cme = $db-execute$sql; if $usr-Access 1 || $SESSION"userid" == $cme-fields"userid" // allow user to edit the comment...

Particle Gallery <= 1.0.1 Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ====================================================== Particle Gallery setvar"COMMENTID", ""; if $GET"editcomment" "" $sql = "SELECT FROM " . $dbprefix . "comments WHERE commentid = " . dbSecure$GET"editcomment"; $cme = $db-execute$sql; i...