7 lines
No EOL
589 B
Text
Executable file
7 lines
No EOL
589 B
Text
Executable file
source: http://www.securityfocus.com/bid/13077/info
|
|
|
|
A remote SQL Injection vulnerability affects PostNuke Phoenix. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries.
|
|
|
|
An attacker may exploit this issue to manipulate SQL queries to the underlying database. This may facilitate theft sensitive information, potentially including authentication credentials, and data corruption.
|
|
|
|
http://localhost/modules.php?op=modload&name=News&file=article&sid='SQL_INJECTION&POSTNUKESID=355776cfb622466924a7096d4471a480 |