header-logo
Suggest Exploit
vendor:
phpMyDirectory
by:
Serseri
7,5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: phpMyDirectory
Affected Version From: 1.3.3
Affected Version To: 1.3.3
Patch Exists: NO
Related CWE: N/A
CPE: a:phpmydirectory:phpmydirectory:1.3.3
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2012

phpMyDirectory.com (v. 1.3.3) SQL Injection

An attacker can inject malicious SQL queries into the vulnerable parameter 'id' of the page.php file, which can be used to extract sensitive information from the database.

Mitigation:

Input validation should be used to prevent SQL injection attacks.
Source

Exploit-DB raw data:

# Exploit Title: phpMyDirectory.com (v. 1.3.3) SQL Injection


# Google Dork: phpMyDirectory.com (v. 1.3.3)


# Location : Türkiye


# Date: 08/01/20112


# Version:   v. 1.3.3


# Author:    Serseri  | www.imhatimi.org |       Biri Bizimi  Çaðýrdý    J


# Software Link: http://www.phpmydirectory.com/


~~~~~~~~~~~~~~~~ Exploit ~~~~~~~~~~~~~~~~~~~~~~~~

# Http://[site.com]/path/page.php?id=[SQLi]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-----------------------------------------------------------------
Www.Ýmhatimi.org    Serseri  Madwolf

Navigation

Suggest Exploit

Services By CQR