Secunia Advisory SA10447Invision Power Top Site List SQL Injection Vulnerability
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Description
JeiAr has reported a vulnerability in Invision Power Top Site List, which potentially can be exploited by malicious people to manipulate data through HTTP. The problem is that the "offset" parameter isn't properly validated. This can potentially be used to manipulate SQL queries. Invision Power Top Site List 1.1 has been reported vulnerable. Solution Provided and/or discovered by Deep Links Do you have additional information related to this advisory?Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com
|
||||||||||||||||||||||||||||||||||||||||||||||||||
231 views | ![]() |
| Limny Multiple Vulnerabilities | |
327 views | ![]() |
| Ubuntu update for thunderbird | |
234 views | ![]() |
| Debian update for php5 | |