Netjuke 'search.php' Multiple SQL Injection Vulnerabilities

Netjuke 'search.php' Multiple SQL Injection Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URIs are available:

http://www.example.com/netjuke/search.php?do=list.tracks&col=[SQL-Injection]
http://www.example.com/netjuke/search.php?do=search.adv&clause=KCB1cHBlcih0ci5uYW1lKSBsaWtlICclPFNDUklQVD5BTEVSVCgxKTwvU0NSSVBUPiUnICk%3D&sort=al&filter=[SQL-Injection]
http://www.example.com/netjuke/search.php?do=search&col=ge.name&val=[SQL-Injection]
http://www.example.com/netjuke/search.php?do=list.tracks&col=ar_id&val=325&sort=al&filter=al_id=[SQL-Injection]