Description
SQL injection vulnerability in member.php in Blackorpheus ClanMemberSkript 1.0 allows remote attackers to execute arbitrary SQL commands via the userID parameter.
Affected products
- blackorpheus / clanmemberskript1.0 – 1.0
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/19678
- MISChttp://www.securityfocus.com/bid/17558
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/1405
- EXPLOIThttps://www.exploit-db.com/exploits/1683
- MISChttp://downloads.securityfocus.com/vulnerabilities/exploits/Blackorpheus_poc
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/25902