[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability
# Published : 2009-02-09
# Author : K-159
# Previous Title : w3bcms <= v3.5.0 Multiple Remote Vulnerabilities Exploit
# Next Title : A Better Member-Based ASP Photo Gallery (entry) SQL Injection Vuln


____________________   ___ ___ ________
_   _____/_   ___  /   |   \_____    
 |    __)_ /      //    ~    /   |    
 |        \     ___    Y    /    |    
/_______  / ______  /___|_  /_______  /
        /         /       /         / 

                                        .OR.ID
ECHO_ADV_102$2009

-----------------------------------------------------------------------------------------
[ECHO_ADV_102$2009] BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability
-----------------------------------------------------------------------------------------

Author       : M.Hasran Addahroni
Date         : February, 7 th 2009
Location     : Jakarta, Indonesia
Web          : http://e-rdc.org/v1/news.php?readmore=123
Critical Lvl : Medium
Impact       : Manipulation of data / Exposure of sensitive information
Where        : From Remote
---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : BusinessSpace
version     : <= 1.2
Vendor      : http://www.business-space.org
Description :

BusinessSpace - Social Networking in a Box
BusinessSpace is an enterprise collaboration software designed to stand up to and keep in pace with todaya