22.03.2011, 16:11
|
|
Новичок
Регистрация: 19.05.2010
Сообщений: 6
С нами:
8412128
Репутация:
0
|
|
Привет всем... Нужна помощь с SQL Injection
Запросы:
1. http://site.com/xmlstats.php?affid=100&dt='
2. http://site.com/xmlstats.php?affid=100&dt=1'
3. http://site.com/xmlstats.php?affid=100&dt=1' OR 1=1
Ошибки:
1.
XML Parsing Error: syntax error
Location: http://site.com/xmlstats.php?affid=100&dt=%27
Line Number 1, Column 22:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '00:00:00' and '' 23:59:59'' at line 5
---------------------^
2.
XML Parsing Error: syntax error
Location: http://site.com/xmlstats.php?affid=100&dt=1%27
Line Number 1, Column 22:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '00:00:00' and '1' 23:59:59'' at line 5
---------------------^
3.
XML Parsing Error: syntax error
Location: http://site.com/xmlstats.php?affid=100&dt=1%27%20OR%201=1
Line Number 1, Column 22:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'OR 1=1 00:00:00' and '1' OR 1=1 23:59:59'' at line 5
---------------------^
Есть ли возможность заюзать SQL Inection в данном случае? На месте &dt должна быть дата например 2011-03-19
|
|
|