and we see found torrents.
http://localhost/torrenttrader109/browse.php?wherecatin=0)+OR+IF(LENGTH(@@version)>50,1,2)=(SELECT+1
"No torrents were found based on your search criteria."
In this way the attacker can ask the database boolean (true/false) questions and retrieve
the needed information bit by bit: a classical example of blind SQL injection.
If there are no active torrents in the database, the induced-SQL-errors method can be used instead.
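The two requests above differ only in the truth of the injected condition, and the page content ("torrents found" versus "No torrents were found") is the oracle. Defenders can look for the same pattern in web-server access logs. The following Python is an added detection example, not part of the original advisory: the log lines are constructed, and the "two or more indicators in one parameter value" threshold is an assumption chosen to keep false positives low on ordinary search terms.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (not taken from the original advisory).
# Lines 1 and 3 hit the same endpoint with a flipped comparison; the differing
# response sizes (5120 vs 0) are exactly the boolean oracle the text describes.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:12:00:01 +0000] "GET /torrenttrader109/browse.php?wherecatin=0)+OR+IF(LENGTH(@@version)>50,1,2)=(SELECT+1 HTTP/1.1" 200 5120
192.0.2.11 - - [01/Jan/2024:12:00:02 +0000] "GET /torrenttrader109/browse.php?wherecatin=3&search=linux HTTP/1.1" 200 4711
192.0.2.12 - - [01/Jan/2024:12:00:03 +0000] "GET /torrenttrader109/browse.php?wherecatin=0)+OR+IF(LENGTH(@@version)>40,1,2)=(SELECT+1 HTTP/1.1" 200 0
"""

# Pulls the request target and the response size out of a common-log-format line.
REQUEST_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) (?P<bytes>\d+|-)'
)

# Fragments typical of boolean-blind probing inside a parameter that should be numeric.
INDICATORS = [
    ("conditional", re.compile(r"\bIF\s*\(", re.I)),
    ("version-probe", re.compile(r"@@version", re.I)),
    ("subselect", re.compile(r"\(\s*SELECT\b", re.I)),
    ("boolean-or", re.compile(r"\)\s*OR\s+", re.I)),
    ("length-compare", re.compile(r"\bLENGTH\s*\(", re.I)),
]

# Threshold is an assumption: one indicator alone ("select" in a search term) is noisy.
MIN_INDICATORS = 2


def decode_params(target):
    """Split the query string into (name, value) pairs with %xx and '+' decoded.

    parse_qsl splits each pair on the first '=' only, so the '=' inside the
    injected payload stays part of the value.
    """
    return parse_qsl(urlsplit(target).query, keep_blank_values=True)


def score_value(value):
    """Return the names of all indicators that fire on one decoded parameter value."""
    return [name for name, rx in INDICATORS if rx.search(value)]


def scan_line(line):
    """Return {param: [indicators]} for suspicious parameters, or None if the line is clean."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    hits = {}
    for key, value in decode_params(m.group("target")):
        names = score_value(value)
        if len(names) >= MIN_INDICATORS:
            hits[key] = names
    return hits or None


def scan_log(text):
    """Scan a whole log; return (line number, hits, response bytes) for each flagged line.

    The response size is kept so an analyst can see the true/false oracle
    (large page vs. empty page) across repeated probes of the same endpoint.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        hits = scan_line(line)
        if hits:
            size = REQUEST_RE.search(line).group("bytes")
            findings.append((lineno, hits, size))
    return findings


if __name__ == "__main__":
    for lineno, hits, size in scan_log(SAMPLE_LOG):
        print(f"line {lineno}: {hits} (response {size} bytes)")
```

Only the two probing requests are flagged; the ordinary search on line 2 produces no indicator at all. In practice the same decode-then-match step belongs in a WAF rule or a log pipeline, and the real fix on the application side is to cast `wherecatin` to an integer (or bind it as a parameter) before it reaches the query.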
http://ruder.cdut.net
Summary:
Baidu Soba is a popular browser toolbar developed by Baidu, a Chinese web search engine company comparable to Google; more information can be found at:
http://www.baidu.com
http://bar.baidu.com/sobar/promotion.html
There exists a remote code execution vulnerability in Baidu Soba's ActiveX control "BaiduBar.dll". A remote attacker who successfully exploits this vulnerability can completely take control of the affected system.
+--> MS SQL Server 2005 SQL Injection
There is an SQL injection vulnerability in the site search module.
The code can be found in the "<SRC_DIR>/BlazeApps/Usercontrols/Search.ascx" file.
Submitting search criteria causes the subroutine "uxSubmitButton_Click"
in the file "<SRC_DIR>/BlazeApps/Usercontrols/Search.ascx.vb" to be executed.
It then uses the "uxSearchTextBox" input element value (POST variable) and
the "tagname" input value (POST variable) in a query without escaping them.
The exact location of the injection bug is lines 67 and 69.