Exploit Tausch Ticket Script 3 - 'vote.php?descr' SQL Injection

[Exploiter]

EDB-ID

34810

Проверка EDB

1. Пройдено

Автор

MOUDI

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2009-2428

Дата публикации

2009-07-07

Tausch Ticket Script 3 - 'vote.php?descr' SQL Injection

source: https://www.securityfocus.com/bid/43710/info
 
Tausch Ticket Script is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input.
 
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
 
Tausch Ticket Script 3 is vulnerable; other versions may also be affected.

http://www.example.com/vote.php?descr=[SQL]