Plague News System 0.7 CID Parameter SQL Injection Vulnerability

2005-07-04T00:00:00
ID EDB-ID:25934
Type exploitdb
Reporter Easyex
Modified 2005-07-04T00:00:00

Description

Plague News System 0.7 CID Parameter SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/14136/info

Plague News System is prone to an SQL injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application.

Other attacks may be possible depending on the capabilities of the underlying database and the nature of the affected query. 

http://www.example.com/index.php?cid=[SQL Command]