Specialized Data Systems Parent Connect 2010.04.11 – Multiple SQL Injections

Exploit Database
13 阅读

作者： epixoip

日期： 2010-05-21
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/34029/

source: https://www.securityfocus.com/bid/40324/info

Specialized Data Systems Parent Connect is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Parent Connect 2010.4.11 is vulnerable; other versions may also be affected. 

The following example data is available:

password: ' OR '1'='1

last Exploits
Specialized Data Systems Parent Connect 2010.04.11 – Multiple SQL Injections的更多信息

Skybluecanvas CMS 1.1 r248-03 – Remote Command Execution：
Sielco Analog FM Transmitter 2.12 – ‘id’ Cookie Brute Force Session Hijacking：
Business Networking Script 8.11 – SQL Injection / Cross-Site Scripting：
Boelter Blue System Management 1.3 – SQL Injection：
addressbook 9.0.0.1 – ‘id’ SQL Injection：
Joomla! Component JEXTN Reverse Auction 3.1.0 – SQL Injection：
Daily Tracker System 1.0 – Authentication Bypass：
Onpub CMS 1.4/1.5 – Multiple SQL Injections：