PHP Designer 2007 Personal - Multiple SQL Injections

EDB-ID:

37025

CVE:

N/A


Author:

MR.XpR

Type:

webapps


Platform:

PHP

Date:

2012-03-30


source:  https://www.securityfocus.com/bid/52819/info

PHP Designer 2007 - Personal is prone multiple SQL-injection vulnerabilities.

A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 

http://www.example.com/read_news.php?news_id=[Sqli]
http://www.example.com/announce.php?id=[Sqli]