header-logo
Suggest Exploit
vendor:
DB[CMS]
by:
Pokeng
8,8
CVSS
HIGH
SQL Injection
89
CWE
Product Name: DB[CMS]
Affected Version From: 2.01
Affected Version To: 2.01
Patch Exists: NO
Related CWE: N/A
CPE: a:debliteck:dbcms
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Win/Linux
2020

DB[CMS] Sql Injection Vulnerability

A SQL injection vulnerability exists in DB[CMS] version 2.01. An attacker can send a malicious SQL query to the vulnerable parameter 'id' in the 'article.php' script to execute arbitrary SQL commands on the underlying database.

Mitigation:

Input validation should be used to prevent SQL injection attacks. Sanitize all user input and use parameterized queries.
Source

Exploit-DB raw data:

# Exploit Title: DB[CMS]  Sql Injection Vulnerability
# Author: Pokeng
# Software Link: http://www.debliteck.com/how.php

# Version: Ver2.01
# Platform / Tested on: Win/Linux
# category: webapps/0day
# Code : http://[site]/article.php?id=[SQL]
# Dork : "Designed and Developed by Debliteck Ltd"

//Now I'm Just Alone In The Dark T_T

//Very Thank's For My brother Who Always Give Me Support By The Good
Way = N4ck0 And Aury

Navigation

Suggest Exploit

Services By CQR