source: http://www.securityfocus.com/bid/15548/info Tunez is prone to multiple input validation vulnerabilities. The application is affected by an SQL injection vulnerability and a cross-site scripting issue. Successful exploitation of the SQL injection issue could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. The cross-site scripting issue may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/tunez/search.php?action=doSearch&searchFor=[code]&search_type=all
Related Exploits
Trying to match CVEs (1): CVE-2005-3834Trying to match OSVDBs (1): 21063
Other Possible E-DB Search Terms: Tunez 1.21, Tunez
Date | D | V | Title | Author |
---|---|---|---|---|
2005-11-23 |
![]() |
Tunez 1.21 - 'songinfo.php?song_id' SQL Injection | r0t3d3Vil |