PostNuke modload Module "sid" Parameter SQL Injection

Friday, May 7, 2010


modload is a module for the PostNuke content manager. The module is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "sid" parameter before using it in an SQL query.

Ref: http://www.securityfocus.com/bid/39713

10.18.80 - CVE: Not Available
Platform: Web Application - SQL Injection
Posted by d3ck4 at 10:00 PM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Most Recent Post

MORE ON ARCHIVE
Widget by Mad Tomato

Help Me Expose This Article in Bulk!

Bookmark & Share

- OR -

SELECT YOUR PREFERRED ONE:

Bookmark and Share