[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability
# Published : 2009-02-09
# Author : K-159
# Previous Title : w3bcms <= v3.5.0 Multiple Remote Vulnerabilities Exploit
# Next Title : A Better Member-Based ASP Photo Gallery (entry) SQL Injection Vuln
____________________ ___ ___ ________
_ _____/_ ___ / | \_____
| __)_ / // ~ / |
| \ ___ Y / |
/_______ / ______ /___|_ /_______ /
/ / / /
.OR.ID
ECHO_ADV_102$2009
-----------------------------------------------------------------------------------------
[ECHO_ADV_102$2009] BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability
-----------------------------------------------------------------------------------------
Author : M.Hasran Addahroni
Date : February, 7 th 2009
Location : Jakarta, Indonesia
Web : http://e-rdc.org/v1/news.php?readmore=123
Critical Lvl : Medium
Impact : Manipulation of data / Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : BusinessSpace
version : <= 1.2
Vendor : http://www.business-space.org
Description :
BusinessSpace - Social Networking in a Box
BusinessSpace is an enterprise collaboration software designed to stand up to and keep in pace with todaya