header-logo
Suggest Exploit
vendor:
Swinger Club Portal
by:
SecurityFocus
7.5
CVSS
HIGH
SQL Injection and Remote File Inclusion
89 (SQL Injection) and 98 (Remote File Inclusion)
CWE
Product Name: Swinger Club Portal
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Swinger Club Portal SQL Injection and Remote File Inclusion Vulnerability

Swinger Club Portal is prone to an SQL-injection vulnerability and a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to access or modify data, exploit latent vulnerabilities in the underlying database, obtain potentially sensitive information, or execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

Mitigation:

Input validation should be used to ensure that user-supplied data does not include malicious SQL or script code.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/43622/info
 
Swinger Club Portal is prone to an SQL-injection vulnerability and a remote file-include vulnerability because it fails to properly sanitize user-supplied input.
 
An attacker can exploit these vulnerabilities to access or modify data, exploit latent vulnerabilities in the underlying database, obtain potentially sensitive information, or execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
 
http://www.example.com/anzeiger/start.php?go=[RFI]

Navigation

Suggest Exploit

Services By CQR