header-logo
Suggest Exploit
vendor:
Okul Portal
by:
Unknown
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Okul Portal
Affected Version From: 2
Affected Version To: 2
Patch Exists: NO
Related CWE:
CPE: a:ibrahim_Ã?akici:okul_portal:2.0
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Ibrahim Ã?AKICI Okul Portal SQL Injection Vulnerability

The Ibrahim Ã?AKICI Okul Portal is vulnerable to an SQL injection vulnerability due to insufficient sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability by manipulating the SQL query logic to perform unauthorized actions on the underlying database.

Mitigation:

To mitigate this vulnerability, the application should implement proper input validation and sanitization techniques to prevent SQL injection attacks. Additionally, using parameterized queries or prepared statements can also help protect against SQL injection.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24379/info

Ibrahim Ã?AKICI Okul Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.

Ibrahim Ã?AKICI Okul Portal 2.0 is vulnerable to this issue. 

http://www.example.com/haber_oku.asp?id=9%20union+select+0,sifre,kulladi,3,4,5,6+from+uyeler

Navigation

Suggest Exploit

Services By CQR