SnoGrafx (cat.php?cat) SQL Injection Vulnerability

vendor:

SnoGrafx

by:

CoBRa_21

8,8

CVSS

HIGH

SQL Injection

CWE

Product Name: SnoGrafx

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2020

SnoGrafx (cat.php?cat) SQL Injection Vulnerability

A SQL injection vulnerability exists in SnoGrafx, which is a web-based content management system. The vulnerability is located in the 'cat.php?cat' parameter of the application. An attacker can inject malicious SQL commands to gain access to the database and execute arbitrary code.

Mitigation:

The application should be updated to the latest version and all input should be validated and sanitized before being used in SQL queries.

Source

Exploit-DB raw data:

########################################################################################

SnoGrafx (cat.php?cat) SQL Injection Vulnerability

########################################################################################

Author : CoBRa_21
Author Web Page :http://ipbul.org
Dork : "powered by SnoGrafx"
Download Page : http://snografx.com/

########################################################################################
 
Sql Injection:
http://localhost/[path]/cat.php?cat=2' (Sql)

########################################################################################
Thanks cyber-warrior.org  &  e-banka.org
########################################################################################