[VIM] 26226: abarcar Realty Portal content.php cat Variable SQL Injection (fwd)
security curmudgeon
jericho at attrition.org
Tue Feb 20 02:01:37 EST 2007
---------- Forwarded message ----------
From: Helmut P. Fleischhauer
To: moderators at osvdb.org
Date: Sat, 02 Dec 2006 18:21:25 +0100
Reply-To: moderators at osvdb.org
Subject: [OSVDB Mods] [Change Request] 26226: abarcar Realty Portal content.php
cat Variable SQL Injection
1. The current version of the software is 7.2
Since version 7.0, released over 6 months ago,
static pages are created and no appended values are used.
2. The version 5.1.5 is not in use since end of 2003
3. Above test was NOT made with a Realty Portal package
as there is no package of this version available online
Referring to the Realty Portal software is false
4. abarcar Software was not informed prior to publication
Sincerely
Helmut P. Fleischhauer
abarcar Software
Mulknitzer Dorfstr. 11
03149 Forst
Germany
Phone.: +49 3562 693532
info at abarcar.com
http://www.abarcar.com
More information about the VIM
mailing list