[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] [Wooyun]German Nutrition Society website Sql injection
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] [Wooyun]German Nutrition Society website Sql injection
- From: "Wooyun.org" <help.en@xxxxxxxxxx>
- Date: Thu, 17 Oct 2013 00:01:45 +0800
*Abstract:*
German Nutrition Society website Sql injection
*Details:*
PHP-Nuke 'sid' Parameter SQL Injection Vulnerability
http://www.dge.de/modules.php?name=News&file=article&sid=914
*Proofs of concept:*
*[image: 内嵌图片 1]
*
_______________________________________________
Form: http://en.wooyun.org/bugs/wooyun-2013-02
Author: Finger <http://en.wooyun.org/whitehats/Finger>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/