Waraxe IT Security Portal

:: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools ::

January 16, 2026

Menu

Home

Logout

Discussions

	Forums
	Members List
	IRC chat

Tools

	Base64 coder
	MD5 hash
	CRC32 checksum
	ROT13 coder
	SHA-1 hash
	URL-decoder
	Sql Char Encoder

Affiliates

	y3dips ITsec
	Md5 Cracker
	User Manuals
	AlbumNow

Content

	Content
	Sections
	FAQ
	Top

Info

	Feedback
	Recommend Us
	Search
	Journal
	Your Account

User Info

Membership:

Latest: MichaelSnaRe

New Today: 0

New Yesterday: 0

Overall: 9144

People Online:

Visitors: 65

Members: 0

Total: 65

Full disclosure

[REVIVE-SA-2026-001] Revive Adserver Vulnerabilities
Defense in depth -- the Microsoft way (part 95): the (shared)"Start Menu" is dispensable
Re: Multiple Security Misconfigurations and CustomerEnumeration Exposure in Convercent Whistleblowing Platform(EQS Group)
RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in RIOT ethos Serial Frame Parser
RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in tapslip6 Utility via Unbounded Device Path Construction
TinyOS 2.1.2 Stack-Based Buffer Overflow in mcp2200gpio
TinyOS 2.1.2 printfUART Global Buffer Overflow via UnboundedFormat Expansion
KL-001-2026-01: yintibao Fun Print Mobile Unauthorized Access via Context Hijacking
Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
Panda3d v1.10.16 Uncontrolled Format String in Panda3D egg-mkfont Allows Stack Memory Disclosure
Panda3d v1.10.16 egg-mkfont Stack Buffer Overflow
Panda3d v1.10.16 deploy-stub Unbounded Stack Allocation Leading to Uninitialized Memory
MongoDB v8.3.0 Integer Underflow in LMDB mdb_load
Bioformats v8.3.0 Untrusted Deserialization of Bio-Formats Memoizer Cache Files
Bioformats v8.3.0 Improper Restriction of XML External Entity Reference in Bio-Formats Leica Microsystems XML Parser

IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Sql injection -> Sql injection posibilities
	View previous topic :: View next topic

Sql injection posibilities

Posted: Thu Nov 04, 2004 9:07 pm

frisco

Beginner

Joined: Nov 04, 2004

Posts: 4

Searching throught several web I usually surf I have found a SQL injenction vuln but it is in a propietary software so I dont know how the hell get data for another table behind the one that is used in the query.

The site is running with php and mysql and without I think that phpuser doesn't have any privileges on the mysql.* tables becouse after checking the number of atributes of the query and finding some strings that will be visible on the final page selecting atributes from mysql.user table only lead me to mysql_fetch_array() errors (this is the only error I can see).

Any ideas or comments.

For you interest the link is:

http://www.ciber-rebellion.com/tiendarebel/verampliacion.php?idAmpl=10 LIMIT 0,1 UNION SELECT null,user,password,1,2,1,1,1,1,null,null,null,null from mysql.user/*

Its a spanish webpage and found mysql version is 4.0.20

Sql injection posibilities

www.waraxe.us Forum Index -> Sql injection

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

All times are GMT
Page 1 of 1

PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.039 Seconds