W-Agora 4.2.1 SQL Injection

W-Agora 4.2.1 SQL Injection: Posted Aug 18, 2012; Authored by HTTPCS; W-Agora version 4.2.1 suffers from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; SHA-256 | 347cc670ff8041425d554d0f9024ae0f644062ea365e84898e4f32bb1aee93bb; Download | Favorite | View

W-Agora 4.2.1 SQL Injection

HTTPCS Advisory : HTTPCS79
Product : w-agora
Version : 4.2.1
Date : 2012-08-17
Criticality level : Highly Critical
Description : A vulnerability has been discovered in w-agora, which can be
exploited by malicious people to conduct SQL injection attacks. Input passed via
the 'pattern' parameter to '/users.php' is not properly sanitised before being
used in a SQL query. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
Page : /users.php
Variables : pattern=[VulnHTTPCS]
Type : SQLI
Method : GET
Solution :
References : https://www.httpcs.com/advisory/httpcs79
Credit : HTTPCS [Web Vulnerability Scanner]

Top Authors In Last 30 Days

Red Hat 227 files
Ubuntu 60 files
LiquidWorm 24 files
Debian 17 files
indoushka 15 files
Apple 9 files
Google Security Research 6 files
Gentoo 5 files
Chokri Hammedi 3 files
Jann Horn 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,155)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,819)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,239)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,968)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

W-Agora 4.2.1 SQL Injection

W-Agora 4.2.1 SQL Injection

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

W-Agora 4.2.1 SQL Injection

Share This

W-Agora 4.2.1 SQL Injection

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems