CVE-2008-1869

SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific...

CVE-2008-1869

SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific...

CVE-2008-1869

CVE-2008-1869 describes a SQL injection in Site Sift Listings (Site Sift) where the vulnerable code does not sanitize the input from the id parameter in the detail action to index.php . The underlying root cause is unsanitized user input being concatenated into a SQL query, enabling an attacker t...

sitesift-sql.txt

powered by Site Sift scripts SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : powered by Site Sift DORK 2 : allinurl: "index php go addpage" DORK 2 : allinurl: "index.php?go=deta...

Site Sift Listings (id) Remote SQL Injection Vulnerability

No description provided by source. powered by Site Sift scripts SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : powered by Site Sift DORK 2 : allinurl: "index php go addpage" DO...

Site Sift Listings detail.php id Parameter SQL Injection

The remote host is running Site Sift, a PHP script for maintaining a web directory. The version of Site Sift installed on the remote host fails to sanitize user-supplied input to the 'id' parameter before before using it in the 'detail.php' script to construct a database query. Regardless of PHP'...

Site Sift Listings - 'id' SQL Injection

powered by Site Sift scripts SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : powered by Site Sift DORK 2 : allinurl: "index php go addpage" DORK 2 : allinurl: "index.php?go=deta...

Site Sift Listings (id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================== Site Sift Listings id Remote SQL Injection Vulnerability ========================================================== powered by Site Sift scripts SQL Injection DORK 1 : powered by...

Site Sift Listings - id SQL Injection

Site Sift Listings - id SQL Injection powered by Site Sift scripts SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : powered by Site Sift DORK 2 : allinurl: "index php go addpage"...