Sigma ISP Manager 6.6 – ‘Sigmaweb.dll’ SQL Injection

26次阅读
没有评论

Sigma ISP Manager 6.6 – ‘Sigmaweb.dll’ SQL Injection

漏洞ID 1055105 漏洞类型
发布时间 2005-05-16 更新时间 2005-05-16
Sigma ISP Manager 6.6 - 'Sigmaweb.dll' SQL InjectionCVE编号 N/A
 		Sigma ISP Manager 6.6 - 'Sigmaweb.dll' SQL InjectionCNNVD-ID N/A
漏洞平台 CGI CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/25668
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/13640/info

Sigma ISP Manager is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to using it in an SQL query.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

http://www.example.com/scripts/sigmaweb.dll

username: a very long sting of codes and data like:

: /' /'.' por //":>>?>>??>+_+_)()((**&^%^%%$#!?><>><><?/?""""''':L:L"">:":.

相关推荐: Cerberus FTP Server Information Disclosure Weakness

Cerberus FTP Server Information Disclosure Weakness 漏洞ID 1100461 漏洞类型 Design Error 发布时间 2003-04-16 更新时间 2003-04-16 CVE编号 N/A CNNVD…

正文完
isp sigma 漏洞
发表至: 网络安全漏洞
2021年4月9日
 0
文章搜索
热门文章
随机文章