|
SQL Injection in DCI-Taskeen |
|
|
|
|
Monday, 27 February 2006 |
Vulnerable: DCI-Taskeen v1.03
http://www.dci-designs.com
Exploit :
http://example.com/basket.php?action=addex&id=[SQL]
http://example.com/basket.php?action=[SQL]
http://example.com/basket.php?action=addr&id=[SQL]
http://example.com/cat.php?do=cat&page=1&id=[SQL]
http://example/cat.php?do=cat&page=[SQL]
Discovery by Linux_Drox
http://www.lezr.com
Best Regards
|