phpBB • View topic - howdark.com "exploits"

howdark.com "exploits"

Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

1 post • Page 1 of 1

howdark.com "exploits"

by psoTFX » Mon Nov 15, 2004 4:27 pm

We've have had and continue to receive reports based on a bugtraq email submitted by the "howdark.com" group. Please do not report these issues to us, not by PM, email nor via our security tracker.

The two "sql injection" issues are not sql injection issues, nothing can be done with them at all due to type casting (strings are forced to an integer type). The group admit this themselves but persist in claiming they are sql injection issues. The "solution" they give contains semantically incorrect SQL (you do not enclose values for integer field types in quotes).

psoTFX: Former Team Member; Posts: 7426; Joined: Tue Jul 03, 2001 8:50 pm

Top

Post a reply

1 post • Page 1 of 1

Return to Announcements

Jump to:

Who is online

Users browsing this forum: punchfest and 27 guests

© 2000, 2002, 2003, 2007 phpBB Group • Designed by phpBB & subBlue • Contact Us • Advertise at phpbb.com
Header illustrations by Vlad Gerasimov • Hosting donated by OSUOSL

phpBB • Creating Communities Worldwide

Features

History

Press

The Team

Contact Us

Advertising

Latest Version

Upgrade Packages

Language Packs

Modifications

Styles

Modifications

Modification database

Development Wiki

Styles

Styles database

Styles Demo

Documentation

Knowledge Base

Flash Tutorials

Support Forums

IRC Support

International Support

Get involved

Bug Tracker

Security Tracker

phpBB Code Forge

Development Wiki

Area51

Support Forums

Modification Forums

Styles Forums

phpBB Discussion

Events

General Discussion

howdark.com "exploits"

howdark.com "exploits"

Who is online

Advertisement