MojoAuto Blind SQL Injection Exploit

vendor:

by:

Mr.SQL

7.5

CVSS

HIGH

Blind SQL Injection

CWE

Product Name:

Affected Version From:

Affected Version To:

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

MojoAuto Blind SQL Injection Exploit

This is a Perl script that exploits the MojoAuto blind SQL injection vulnerability in the mojoAuto.cgi script. It allows an attacker to extract the MD5 hash of a password.

Mitigation:

The vendor should release a patch to fix the SQL injection vulnerability in the mojoAuto.cgi script.

Source

MojoAuto Blind SQL Injection Exploit

Mitigation:

Exploit-DB raw data: