- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 32013
- Проверка EDB
-
- Пройдено
- Автор
- JULIAN RODRIGUEZ
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-6837
- Дата публикации
- 2008-07-07
Код:
source: https://www.securityfocus.com/bid/30116/info
Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Zoph 0.7.2.1 is vulnerable; other versions may also be affected.
UPDATE (July 2, 2009): The vendor disputes that Zoph is affected by these issues. Recent versions of Zoph are reported not vulnerable.
The following login credentials are reported to trigger this issue:
username: '--
password: '--
- Источник
- www.exploit-db.com