Hosting Controller 6.1 - Multiple SQL Injections
| EKU-ID: 31314 | CVE: | OSVDB-ID: |
| Author: Soroush Dalili | Published: 2005-07-13 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31314 | CVE: | OSVDB-ID: |
| Author: Soroush Dalili | Published: 2005-07-13 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/14258/info Hosting Controller is prone to an SQL injection vulnerability. This issue allows a remote attacker to manipulate query structure and logic. It has been reported that the attacker may gain unauthorized access to sensitive information. Other attacks may be possible depending on the capabilities of the underlying database and the nature of the affected query. One may input this string into the search box on the affected pages: 'or'1'='1'or'1'='1