7 lines
No EOL
467 B
Text
Executable file
7 lines
No EOL
467 B
Text
Executable file
source: http://www.securityfocus.com/bid/7697/info
|
|
|
|
A vulnerability has been discovered in PostNuke Phoenix v0.723 and earlier. Specifically, the Glossary module fails to sufficiently sanitize user-supplied input, making it prone to SQL injection attacks.
|
|
|
|
Exploitation may allow for modification of SQL queries, resulting in information disclosure, or database corruption.
|
|
|
|
http://example.com/modules.php?op=modload&name=Glossary&file=index&page=`[SQL QUERY] |