|
|
Simple Forum PHP Multiple SQL Injection Vulnerabilities
Attackers can use a browser to exploit these issues. The following example URIs are available: http://www.example.com/cms/forum.php?p=-1 [SQL-INJECTION]-- http://www.example.com/cms/forum.php?orderType=-1 [SQL-INJECTION]-- http://www.example.com/cms/forum.php?orderType=[ASC/DESC]&orderBy=-1 [SQL-INJECTION]-- http://www.example.com/cms/forum/admin.php?act=topics&orderType=-1 [SQL-INJECTION]-- http://www.example.com/cms/forum/admin.php?act=topics&orderType=[ASC/DESC]&search=&orderBy=-1 [SQL-INJECTION]-- http://www.example.com/cms/forum/admin.php?act=replies&topic_id=&orderType=-1 [SQL-INJECTION]-- http://www.example.com/cms/forum/admin.php?act=replies&topic_id=&orderType=[ASC/DESC]&search=&orderBy=-1 [SQL-INJECTION]-- |
|
Privacy Statement |