Описание
SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and iTGP 1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a report action.
SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and iTGP 1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a report action.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-3491
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44175
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44176
- https://www.exploit-db.com/exploits/6185
- https://www.exploit-db.com/exploits/6186
- http://osvdb.org/47333
- http://secunia.com/advisories/31344
- http://secunia.com/advisories/31345
- http://securityreason.com/securityalert/4117
- http://www.securityfocus.com/bid/30504
- http://www.securityfocus.com/bid/30505
Связанные уязвимости
nvd
больше 17 лет назад
SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and iTGP 1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a report action.