- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24626
- Проверка EDB
-
- Пройдено
- Автор
- PIGRELAX
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- cve-2004-1555
- Дата публикации
- 2004-09-27
FreezingCold Broadboard - 'profile.asp' SQL Injection
Код:
source: https://www.securityfocus.com/bid/11250/info
Reportedly BroadBoard Message Board is affected by multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI input prior to using it in an SQL query.
An attacker may exploit these issues to manipulate SQL queries, potentially revealing or corrupting sensitive database data. These issues may also facilitate attacks against the underlying database software.
http://broadboard/forum/profile.asp?handle=['SQL code]- Источник
- www.exploit-db.com
