header-logo
Suggest Exploit
vendor:
db_mysql_loeschen2.php
by:
SecurityFocus
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: db_mysql_loeschen2.php
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Input Validation Error in db_mysql_loeschen2.php Script

It has been reported that an input validation error with the potential for use in a SQL injection attack is present in the "db_mysql_loeschen2.php" script. When a user is requesting the "db_mysql_loeschen2.php" script, one of the parameters that can be passed to the script is "db". There are no checks on the value of this variable before it is used in an SQL query string. Consequently, malicious users may corrupt the resulting SQL queries by specially crafting a value for the "db" variable.

Mitigation:

Input validation should be performed to ensure that user-supplied data is properly sanitized before being used in an SQL query.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9830/info

It has been reported that an input validation error with the potential for use in a SQL injection attack is present in the "db_mysql_loeschen2.php" script. When a user is requesting the "db_mysql_loeschen2.php" script, one of the parameters that can be passed to the script is "db". There are no checks on the value of this variable before it is used in an SQL query string.

Consequently, malicious users may corrupt the resulting SQL queries by specially crafting a value for the "db" variable.

db_mysql_loeschen2.php?db=' or 1 or 1='

Navigation

Suggest Exploit

Services By CQR