Help.. SQL Injection. I have a website : www.site.com/lol/ . I was looking the code and i saw that lol is the same as lol.php. Then i looked again the code and i saw a code like this : <form method="post" action="/lol.php"> <div class="buscbackg"> <input id="q" name="q" type="text" class="fields" /> </div> <input type="image" src="/img/b_ir.jpg" style="width:33px;height:29px;float:right;" /> <div class="clear"></div> </form> so i thinked it must be www.site.com/lol.php?q=. I am correct? Because it doesnt work , i put www.site.com/lol.php?q=1 and work , if i put q=1' works again . I made an scann and it says that is vulnerable to SQL Injection on that area. Help me please http://sla.ckers.org/forum/read.php?16,36503,36503#msg-36503 Wed, 22 May 2013 16:38:04 -0500 Phorum 5.2.15a http://sla.ckers.org/forum/read.php?16,36503,36536#msg-36536 Re: Help.. SQL Injection. http://sla.ckers.org/forum/read.php?16,36503,36536#msg-36536 Use Firefox + HackBar to make some POST requests.]]> Plitvix SQL and Code Injection Mon, 20 Jun 2011 15:05:05 -0500 http://sla.ckers.org/forum/read.php?16,36503,36519#msg-36519 Re: Help.. SQL Injection. http://sla.ckers.org/forum/read.php?16,36503,36519#msg-36519 narutoo SQL and Code Injection Sat, 18 Jun 2011 22:31:06 -0500 http://sla.ckers.org/forum/read.php?16,36503,36517#msg-36517 Re: Help.. SQL Injection. http://sla.ckers.org/forum/read.php?16,36503,36517#msg-36517 thanggiangho SQL and Code Injection Sat, 18 Jun 2011 22:10:05 -0500 http://sla.ckers.org/forum/read.php?16,36503,36513#msg-36513 Re: Help.. SQL Injection. http://sla.ckers.org/forum/read.php?16,36503,36513#msg-36513
injection will be in postdata if exists]]> peann SQL and Code Injection Sat, 18 Jun 2011 15:13:58 -0500 http://sla.ckers.org/forum/read.php?16,36503,36503#msg-36503 Help.. SQL Injection. http://sla.ckers.org/forum/read.php?16,36503,36503#msg-36503
I was looking the code and i saw that lol is the same as lol.php. Then i looked again the code and i saw a code like this :

<form method="post" action="/lol.php">
<div class="buscbackg">
<input id="q" name="q" type="text" class="fields" />
</div>
<input type="image" src="/img/b_ir.jpg" style="width:33px;height:29px;float:right;" />
<div class="clear"></div>
</form>

so i thinked it must be www.site.com/lol.php?q=. I am correct? Because it doesnt work , i put www.site.com/lol.php?q=1 and work , if i put q=1' works again . I made an scann and it says that is vulnerable to SQL Injection on that area.

Help me please]]> narutoo SQL and Code Injection Sat, 18 Jun 2011 01:40:21 -0500