Xoops CMS SQL Injection Vulnerability Reported

    Date: 06/29/06 (Java Web)    Keywords: php, sql

    KeyCoder has discovered a vulnerability in the MyAds module for Xoops, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the “lid” parameter in annonces-p-f.php isn’t properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability has [...]

    Source: http://blog.taragana.com/index.php/archive/xoops-cms-sql-injection-vulnerability-reported/

« Mambo CMS Suffers From File... || Microsoft Internet Explorer... »
Search  •  Site Map  •  Set as Homepage  •  Add to Favourites  • 
antivirus | apache | asp | blogging | browser | bugtracking | cms | crm | css | database | ebay | ecommerce | google | hosting | html | java | jsp | linux | microsoft | mysql | offshore | offshoring | oscommerce | php | postgresql | programming | rss | security | seo | shopping | software | spam | spyware | sql | technology | templates | tracker | virus | web | xml | yahoo | home