From: AdamT (adwulf@gmail.com)
Date: Thu Jan 19 2006 - 05:55:37 EST
On 1/18/06, John Madden <chiwawa999@yahoo.com> wrote:
> Hi,
>
> I'm pentesting a web site and i get the following
> error message while using a single quote: ex.
> /confirm.php?conf='test123
>
> Warning: mysql_fetch_row(): supplied argument is not a
> valid MySQL result resource in /xx/xx/confirm.php on
> line 5
>
It could be that the table/database being queried in the script is non-existent.
Eg: Their MySQL command tries to lookup a row in 'mytable'
'mydatabase'. but neither exists.
-- AdamT "Maidenhead is *not* in Kent" ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:23 EDT