SPGPartenaires 3.0.1 ident.php SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/6455/info Several vulnerabilities have been discovered in SPGPartenaires. The vulnerabilities are due to insufficient sanitization of the 'pass' and 'SPGP' variables used to construct SQL queries in various PHP scripts. B...

SPGpartenaires (PHP)

Informations : °°°°°°°°°°°°°° Version : ? - 3.0.1 Website : http://www.scripts-php-gratuits.com Problem : SQL Injection - Access to member's accounts PHP Code/Location : °°°°°°°°°°°°°°°°°°° modif/ident.php : -------------------------------------------------- ... $sql="SELECT nomsite FROM...