17 lines
736 B
Text
Executable file
17 lines
736 B
Text
Executable file
source: http://www.securityfocus.com/bid/46135/info
|
|
|
|
Octeth Oempro is prone to multiple SQL-injection vulnerabilities and an information-disclosure vulnerability.
|
|
|
|
Exploiting these issues could allow an attacker to obtain sensitive information, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
|
|
|
Octeth Oempro 3.6.4 is vulnerable; other versions may also be affected.
|
|
|
|
http://www.example.com/cli_bounce.php
|
|
|
|
http://www.example.com/link.php?URL=[ENC URL]&Name=&EncryptedMemberID=[ENCODED
|
|
SQLI]&CampaignID=9&CampaignStatisticsID=16&Demo=0&Email=[MAIL]
|
|
|
|
http://www.example.com/html_version.php?ECID=[SQL]
|
|
|
|
http://www.example.com/archive.php?ArchiveID=[SQL]
|
|
|