BatmanPorTaL - uyeadmin.asp id Parameter SQL Injection

ID EDB-ID:31745
Type exploitdb
Reporter U238
Modified 2008-05-05T00:00:00


BatmanPorTaL uyeadmin.asp id Parameter SQL Injection. CVE-2008-6640. Webapps exploit for php platform


BatmanPorTaL is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.,(admin_kd),2,1,(admin_pw),4,5,6,7,8,9,1,1,1,1,1,1,1,1,1,1,1+from+ayarlar