AVideo has a Blind SQL Injection in Live Schedule Reminder via Unsanitized live_schedule_id in Scheduler_commands::getAllActiveOrToRepeat()

Summary The remindMe.json.php endpoint passes $REQUEST'livescheduleid' through multiple functions without sanitization until it reaches Schedulercommands::getAllActiveOrToRepeat, which directly concatenates it into a SQL LIKE clause. Although intermediate functions new Liveschedule,...

YourFreeWorld Reminder Service - SQL Injection

YourFreeWorld Reminder Service - SQL Injection Reminder Service id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/reminder.php DorK : inurl:tr.php?id= Reminder Service Exploit :...

YourFreeWorld Reminder Service (id) SQL Injection Vulnerability

No description provided by source. Reminder Service id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/reminder.php DorK : inurl:tr.php?id= Reminder Service Exploit :...

YourFreeWorld Reminder Service - SQL Injection

Reminder Service id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/reminder.php DorK : inurl:tr.php?id= Reminder Service Exploit :...

reminder-sql.txt

|| | |Reminder Service id Remote SQL Injection Vulnerability | | |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangelg85atYahooDoTcom | | | | | | | script :http://www.yourfreeworld.com/script/reminder.php | | DorK :...