Hosting Controller ‘resellerresources.asp’脚本 SQL注入漏洞

Hosting Controller ‘resellerresources.asp’脚本 SQL注入漏洞

漏洞ID 1108816 漏洞类型 SQL注入
发布时间 2005-05-28 更新时间 2005-10-20
图片[1]-Hosting Controller ‘resellerresources.asp’脚本 SQL注入漏洞-安全小百科CVE编号 CVE-2005-1788
图片[2]-Hosting Controller ‘resellerresources.asp’脚本 SQL注入漏洞-安全小百科CNNVD-ID CNNVD-200506-010
漏洞平台 ASP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/25754
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200506-010
|漏洞详情
HostingController6.1Hotfix2.0中的resellerresources.asp脚本存在SQL注入漏洞,远程攻击者可借助jresourceid参数执行任意SQL指令。
|漏洞EXP
source: http://www.securityfocus.com/bid/13806/info
 
Hosting Controller is reported prone to multiple vulnerabilities. These issues can allow an attacker gain unauthorized access to data and carry out SQL injection attacks.
 
These issues reportedly affect Hosting Controller 6.1 HotFix 2.0 and prior versions.

http://www.example.com/admin/hosting/plandetails.asp?hostcustid=[PlanID]
|参考资料

来源:SECTRACK
名称:1014071
链接:http://securitytracker.com/id?1014071
来源:SECUNIA
名称:15540
链接:http://secunia.com/advisories/15540

相关推荐: Sun Solaris 7.0 – rpc.ttdbserver Denial of Service

Sun Solaris 7.0 – rpc.ttdbserver Denial of Service 漏洞ID 1053432 漏洞类型 发布时间 1999-11-19 更新时间 1999-11-19 CVE编号 N/A CNNVD-ID N/A 漏洞平台 S…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享