WEB//NEWS news.php Multiple Variable SQL Injection

2005-09-07T10:04:50
ID OSVDB:19231
Type osvdb
Reporter OSVDB
Modified 2005-09-07T10:04:50

Description

Manual Testing Notes

/include_this/news.php?cat=[SQL] /include_this/news.php?id=[SQL] /include_this/news.php?stof=[SQL]

References:

Security Tracker: 1014866 Secunia Advisory ID:16727 Related OSVDB ID: 19233 Related OSVDB ID: 19230 Related OSVDB ID: 19232 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-09/0082.html Keyword: NewAngels Advisory #5 ISS X-Force ID: 22179 CVE-2005-2896 Bugtraq ID: 14776