<<< Date Index >>>     <<< Thread Index >>>

omnistar article manager [multiples injection sql]



vendor site:http://www.omnistararticle.com/
product :omnistar article manager
bug:injection sql
risk : high

path:
/articles/comments.php?article_id='[sql]
/articles/article.php?op=save&article_id='[sql]
/articles/pages.php?page_id='[sql]


laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@xxxxxxxxx