3 matches found
CodeWidgets Web Based Alpha Tabbed Address Book Index.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26193/info CodeWidgets Web Based Alpha Tabbed Address Book is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue cou...
CodeWidgets Web Based Alpha Tabbed Address Book Index.ASP SQL注入漏洞
CodeWidgets Web Based Alpha Tabbed Address Book是一款基于ASP的WEB应用程序。 CodeWidgets Web Based Alpha Tabbed Address Book不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL攻击,获得敏感信息或操作数据库。 问题是由于'index.asp'脚本对用户提交的'alpha'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,攻击者可以获得敏感信息或操作数据库。 CodeWidgets Web Based Alpha Tabbed Address Book...
CodeWidgets Web Based Alpha Tabbed Address Book - 'index.asp' SQL Injection
source: https://www.securityfocus.com/bid/26193/info CodeWidgets Web Based Alpha Tabbed Address Book is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...