bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/asp/webapps/12606.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

62 lines
No EOL
1,008 B
Text
Raw Permalink Blame History

*==== =={ Advisory 14/5/2010 } ======*
*SQL injection vulnerability in SelfComposer CMS
*
*Vendor's Description of Software:*
*# http://www.selfcomposer.it*
*Dork:*
*allinurl:"prodotti.asp?idpadrerif="*
*Application Info:*
*Name: *SelfComposer
*Vulnerability Info:*
*Type: *SQL injection Vulnerability
*Risk: High*
*Fix:*
*N/A*
*Time Table:*
*06/05/2010 - Vendor notified.*
*Additional Info:*
All the input passed via "idprod", "idpadrerif", "idreferenza",
"idpadrerifIstituzionali"
is not properly sanitised before being used in a sql query.
*Solution:*
Input validation of "idprod", "idpadrerif", "idreferenza",
"idpadrerifIstituzionali"
parameters should be corrected.
*Vulnerability:*
# http://[site]/scheda.asp?idprod=[SQLi]&idpadrerif=[SQLi]
# http://[site]/schedaistituzionale.asp?idreferenza=[SQLi]&idpadrerifIstituzionali=[SQLi]
*Credit:*
Discoverd By: Locu
Website: http://xlocux.wordpress.com
Contacts: xlocux[-at-]gmail.com
*============ {EOF} =============*
*
*
*Locu*
Reference in a new issue View git blame Copy permalink