Being a hacker

Never trust user input Poorly or unvalidated user input constitutes the most severe security problem with web applications can crash a server can cause buffer overflows can allow machine to be hijacked allow hacker to have root access Assume user input is bad until you prove its OK

10p muathu_102 28-01-2013 50 4   Download

There is a sql injection vuln which exists in /viewtopic.php file. The variable is $topic_id # which gets passed directly to sql server in query. Attacker could pass a special sql string which # can used to see md5 password hash for any user (!) for phpBB. This pass can be later used with

4p ad_uit 09-01-2011 273 17   Download