EmbryoCore 1.03 – ‘index.php’ SQL Injection

Exploit Database
110 阅读

作者： KedAns-Dz

日期： 2011-05-09
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/35724/

source: https://www.securityfocus.com/bid/47763/info

EmbryoCore is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

EmbryoCore 1.03 is vulnerable; other versions may also be affected.

http://www.example.com/[path]/index.php?page=[-!Blind SQLi Here!-]

last Exploits
EmbryoCore 1.03 – ‘index.php’ SQL Injection的更多信息

WordPress Plugin Duplicator 1.4.7 – Information Disclosure：
osTicket 1.6 RC5 – Multiple Vulnerabilities：
PBBoard 2.1.4 – Multiple SQL Injections：
ICLowBidAuction 3.3 – SQL Injection：
CGILua 3.0 – SQL Injection：
AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit)：
Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 – Multiple Vulnerabilities：
PHP Address Book 7.0.0 – Multiple Vulnerabilities：