header-logo
Suggest Exploit
vendor:
PwsPHP
by:
SecurityFocus
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: PwsPHP
Affected Version From: 1.2.2002
Affected Version To: 1.2.2002
Patch Exists: YES
Related CWE: N/A
CPE: PwsPHP
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

PwsPHP SQL Injection Vulnerability

PwsPHP is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

Mitigation:

The vendor has addressed this issue in PwsPHP version 1.2.3; earlier versions are reported vulnerable.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13563/info

PwsPHP is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

The vendor has addressed this issue in PwsPHP version 1.2.3; earlier versions are reported vulnerable. 

http://www.example.com/profil.php?id='[SQL Injection]

Navigation

Suggest Exploit

Services By CQR