Computer Security

Security Advisory: omnistar article manager [multiples injection sql]
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Wheatblog [multiple xss (post) & full path disclosure]

  LandShop Real Estate [multiple injection sql & xss]

  bitweaver <=1.3.1 [injection sql (post) & xss (post)]

From:laurent gaffié <saps.audit_(at)_gmail.com>
Date:10.11.2006
Subject:omnistar article manager [multiples injection sql]

vendor site:http://www.omnistararticle.com/
product :omnistar article manager
bug:injection sql
risk : high

path:
/articles/comments.php?article_id='[sql]
/articles/article.php?op=save&article_id='[sql]
/articles/pages.php?page_id='[sql]


laurent gaffiй & benjamin mossй
http://s-a-p.ca/
contact: saps.audit@gmail.com
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server