Month: November 2004

[This was originally published on OSVDB, now gone, and touched up for style. VulnDB 12143. Discovered while trying to install the script to verify a researcher’s findings.] SecretSanta.phpUsing a ‘ in the account name, full name or group name generates the following error with full install path: Warning: mysql_fetch_row(): supplied argument is not a valid…