Advanced Webhost Billing System (AWBS) 2.9.2 – ‘oid’ SQL Injection

Exploit Database
139 阅读

作者： ShivX

日期： 2011-01-16
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/35231/

source: https://www.securityfocus.com/bid/45827/info

Advanced Webhost Billing System (AWBS) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data.

A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

AWBS 2.9.2 is vulnerable; other versions may also be affected.

http://www.example.com/cart?ca=add_other&oid=1'%20AND%20SLEEP(100)='

last Exploits
Advanced Webhost Billing System (AWBS) 2.9.2 – ‘oid’ SQL Injection的更多信息

Full Site for Restaurant – SQL Injection：
Jettweb PHP Hazır Haber Sitesi Scripti V3 – SQL Injection：
TR Forum 1.5 – Multiple Vulnerabilities：
Joomla! Component com_commedia – ‘task’ SQL Injection：
grocy 2.7.1 – Persistent Cross-Site Scripting：
PHP4dvd – ‘config.php’ PHP Code Injection：
PHP Matrimonial Script 3.0 – SQL Injection：
ManageEngine ServiceDesk 8.0 – Multiple Vulnerabilities：