7 lines
No EOL
450 B
Text
Executable file
7 lines
No EOL
450 B
Text
Executable file
source: http://www.securityfocus.com/bid/12788/info
|
|
|
|
Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileDB. These issues are reported to exist in the 'viewall.php' and 'category.php' scripts.
|
|
|
|
Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying database.
|
|
|
|
http://www.example.com/[pafiledb_dir]/pafiledb.php?action=viewall&start='&sortby=rating |