Bugtraq mailing list archives
HotPlugCMS_1.0 - SQL Injection Vulnerability
From: guest01 () gmail com
Date: 15 Jun 2006 11:31:59 -0000
HotPlugCMS doesn't check input field values, so logging in on /hotplugcms/administration/tblcontent is very easy with ' OR 1=1 /* and a SQL-inject will bypass the entire authentication process. Typical, very simple SQL Injection. peda
Current thread:
- HotPlugCMS_1.0 - SQL Injection Vulnerability guest01 (Jun 15)