[VIM] Dreampics Builder (exhibition_id) Remote SQL Injection Vulnerability
George A. Theall
theall at tenablesecurity.com
Tue Aug 18 17:33:46 UTC 2009
milw0rm 9451 looks rather similar to an issue discovered by xoron
earlier this year and covered by milw0rm 7968 / OSVDB 51741 /
CVE-2009-0445. Except that xoron says it's a blind SQL injection vuln
while Mr. SQL suggests a plain SQL injection attack works. Anybody
have access to the source and can confirm either way? Do they involve
different versions?
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list