Exploit Magic Forum Personal - 'view_forum.cfm?ForumID' SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
26764
Проверка EDB
  1. Пройдено
Автор
R0T
Тип уязвимости
WEBAPPS
Платформа
CFM
CVE
cve-2005-4071
Дата публикации
2005-12-08
Код:
source: https://www.securityfocus.com/bid/15774/info
 
CFMagic Products are prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input.
 
These vulnerabilities allow an attacker to inject malicious SQL code into database queries, and conduct cross-site scripting attacks.
 
Magic Book Professional version 2.0 and prior, Magic List Professional version 2.5 and prior, and Magic Forum Personal versions 2.5 and prior are vulnerable.
 
Other versions of these applications may also be affected. 

http://www.example.com/view_forum.cfm?ForumID=1[SQL]
 
Источник
www.exploit-db.com

Похожие темы