RSS-aggregator 1.0 admin/fonctions/supprimer_tag.php IdTag Parameter SQL Injection

2008-06-30T00:00:00
ID EDB-ID:32002
Type exploitdb
Reporter CWH Underground
Modified 2008-06-30T00:00:00

Description

RSS-aggregator 1.0 admin/fonctions/supprimer_tag.php IdTag Parameter SQL Injection. CVE-2008-3034. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/30016/info
 
RSS-aggregator is prone to multiple SQL-injection and authentication-bypass vulnerabilities.
 
A successful exploit could allow an attacker to compromise the application, access or modify data, exploit vulnerabilities in the underlying database, and gain administrative access to the affected application.
 
RSS-aggregator 1.0 is vulnerable; other versions may also be affected. 

http://www.example.com/admin/fonctions/supprimer_tag.php?IdTag=[SQL injection]