Exploit PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'category.php?start' SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
25214
Проверка EDB
  1. Пройдено
Автор
[email protected]
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2005-0781
Дата публикации
2005-03-12
Код:
source: https://www.securityfocus.com/bid/12788/info
 
Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB. These issues are reported to exist in the 'viewall.php' and 'category.php' scripts.
 
Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying database. 

http://www.example.com/[pafiledb_dir]/pafiledb.php?action=category&start='&sortby=rating
 
Источник
www.exploit-db.com

Похожие темы