TML 0.5 - 'index.php?id' SQL Injection

EDB-ID:

26840

Author:

X1ngBox

Type:

webapps

Platform:

PHP

Published:

2005-12-15

source: http://www.securityfocus.com/bid/15876/info
 
TML CMS is prone to multiple input validation vulnerabilities.
 
Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks.
 
TML CMS 0.5 is reportedly affected. Other versions may be vulnerable as well. 

http://www.example.com/[ztml]/index.php?doc=unote&id=[sql]