gNews Publisher SQL Injection Vulnerabilites

2006-11-22T00:00:00
ID SECURITYVULNS:DOC:15173
Type securityvulns
Reporter Securityvulns
Modified 2006-11-22T00:00:00

Description

Aria-Security's Research Team>

<www.Aria-Security.Com For further help>

Original Advisory at:

http://www.aria-security.com/forum/showthread.php?t=37

-----------------------------------------

Software: gNews Publisher

Vendor: http://gazatem.com

Method: SQL Injection

Poc:

http://target/categories.asp?catID=[SQL Injection]

http://target/categories.asp?editorID=[SQL Injection]

Contact Us:

Advisory@Aria-Security.net