NewsPHP Multiple Variable Handling Remote SQL Injection.....
NewsPHP Multiple Variable Handling Remote SQL Injection Vulnerabilities Multiple vulnerabilities were identified in NewsPHP, which could be exploited by remote attackers to execute arbitrary SQL commands.
This topic was started by Jackass,
NewsPHP Multiple Variable Handling Remote SQL Injection Vulnerabilities
Multiple vulnerabilities were identified in NewsPHP, which could be exploited by remote attackers to execute arbitrary SQL commands. These flaws are due to input validation errors in the "index.php" script that does not properly validate the "discuss", "tim", "id", "last" and "limit" parameters before being used in SQL statements, which could be exploited by malicious people to conduct SQL injection attacks.
Review
Multiple vulnerabilities were identified in NewsPHP, which could be exploited by remote attackers to execute arbitrary SQL commands. These flaws are due to input validation errors in the "index.php" script that does not properly validate the "discuss", "tim", "id", "last" and "limit" parameters before being used in SQL statements, which could be exploited by malicious people to conduct SQL injection attacks.
Review
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
