GuppY 4.6.14 – ‘lng’ Multiple SQL Injections

Exploit Database
32 阅读

作者： kurdish hackers team

日期： 2011-03-30
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/35525/

source: https://www.securityfocus.com/bid/47086/info

GuppY is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

GuppY 4.6.14 is vulnerable; other versions may also be affected. 

http://www.example.com/links.php?lng=fr [sql Injection]
http://www.example.com/guestbk.php?lng=fr [sql Injection]
http://www.example.com/articles.php?pg=43&lng=fr [ sql Injection]

last Exploits
GuppY 4.6.14 – ‘lng’ Multiple SQL Injections的更多信息

WordPress Plugin Easy Social Icons 1.2.2 – Cross-Site Request Forgery：
Uiga Church Portal – ‘index.php’ SQL Injection：
KeyBase Botnet 1.5 – SQL Injection：
eazyPortal 1.0.0 – Multiple Vulnerabilities：
Cyclope Employee Surveillance Solution 6.0/6.1.0/6.2.0/6.2.1/6.3.0 – SQL Injection：
JioFi 4G M2S 1.0.2 – ‘mask’ Cross-Site Scripting：
WordPress Theme Cover WP 1.6.5 – ‘s’ Cross-Site Scripting：
MySpace Clone 2010 – SQL Injection / Cross-Site Scripting：