- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 32003
- Проверка EDB
-
- Пройдено
- Автор
- CWH UNDERGROUND
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-3033
- Дата публикации
- 2008-06-30
Код:
source: https://www.securityfocus.com/bid/30016/info
RSS-aggregator is prone to multiple SQL-injection and authentication-bypass vulnerabilities.
A successful exploit could allow an attacker to compromise the application, access or modify data, exploit vulnerabilities in the underlying database, and gain administrative access to the affected application.
RSS-aggregator 1.0 is vulnerable; other versions may also be affected.
http://www.example.com/admin/fonctions/supprimer_flux.php?IdFlux=5
http://www.example.com/admin/fonctions/modifier_tps_rafraich.php?TpsRafraich=500- Источник
- www.exploit-db.com
