BugTraq
Blog System v1.2 Multiple SQL Injection Vulnerabilities Dec 05 2005 08:58PM
vipsta gmail com
Blog System v1.2 (http://www.netartmedia.net/blogsystem/)
is vulnerable to 2 SQL injection vulnerabilities for failure to correctly sanitize SQL parameters.

http://[HOST]/index.php?mode=home&cat=-99[SQL CODE]

http://[HOST]/blog.php?user=[USER]&note=-99[SQL CODE]

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus