Exploit Tausch Ticket Script 3 - 'suchauftraege_user.php?userid' SQL Injection

[Exploiter]

EDB-ID

34809

Проверка EDB

1. Пройдено

Автор

MOUDI

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2009-2428

Дата публикации

2009-07-07

Tausch Ticket Script 3 - 'suchauftraege_user.php?userid' SQL Injection

source: https://www.securityfocus.com/bid/43710/info

Tausch Ticket Script is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Tausch Ticket Script 3 is vulnerable; other versions may also be affected.

http://www.example.com/suchauftraege_user.php?userid=[SQL]