Jetbox CMS Multiple SQL Injection Vulnerabilities

Attackers can use a browser to exploit these issues.

The following proof-of-concept URIs are available:

http://www.example.com/admin/cms/images.php?orderby=[INJECTION POINT]
http://www.example.com/path/admin/cms/nav.php?task=editrecord&nav_id=[INJECTION POINT]


 

Privacy Statement
Copyright 2010, SecurityFocus