[VIM] 26226: abarcar Realty Portal content.php cat Variable SQL Injection (fwd)

security curmudgeon jericho at attrition.org
Tue Feb 20 02:01:37 EST 2007



---------- Forwarded message ----------
From: Helmut P. Fleischhauer
To: moderators at osvdb.org
Date: Sat, 02 Dec 2006 18:21:25 +0100
Reply-To: moderators at osvdb.org
Subject: [OSVDB Mods] [Change Request] 26226: abarcar Realty Portal content.php
     cat Variable SQL Injection

1. The current version of the software is 7.2
    Since version 7.0, released over 6 months ago,
    static pages are created and no appended values are used.

2. The version 5.1.5 is not in use since end of 2003

3. Above test was NOT made with a Realty Portal package
    as there is no package of this version available online
    Referring to the Realty Portal software is false

4. abarcar Software was not informed prior to publication



Sincerely

Helmut P. Fleischhauer

abarcar Software
Mulknitzer Dorfstr. 11
03149 Forst
Germany
Phone.: +49 3562 693532
info at abarcar.com
http://www.abarcar.com


More information about the VIM mailing list