Exploit Database - Logo

Cotonti - 'admin.php' SQL Injection

EDB-ID: 37444 Author: AkaStep Published: 2012-06-22
CVE: N/A Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: Link Tags: N/A
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/54147/info

Cotonti is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

Cotonti 0.6.23 is vulnerable; other versions may also be affected. 

http://www.example.com/admin.php?m=hits&f=year&v=1[SQLi]
« Previous Exploit Next Exploit »

Related Exploits

Other Possible E-DB Search Terms: Cotonti
Date D V Title Author
2013-08-02 Verified Cotonti 0.9.13 - SQL InjectionHigh-Tech B...
2011-05-30 Verified Cotonti 0.9.2 - Multiple SQL InjectionsKedAns-Dz
2011-10-10 Waiting verification cotonti CMS 0.9.4 - Multiple VulnerabilitiesLiquidWorm
Menu