TUTOS file_overview.php link_id Parameter SQL Injection

ID EDB-ID:24616
Type exploitdb
Reporter Joxean Koret
Modified 2004-09-20T00:00:00


TUTOS file_overview.php link_id Parameter SQL Injection. CVE-2004-2161. Webapps exploit for php platform

                                            source: http://www.securityfocus.com/bid/11221/info

Tutos is reported prone to multiple remote input-validation vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and SQL-injection attacks. 

These issue reportedly affect Tutos 1.1.2004-04-14.