header-logo
Suggest Exploit
vendor:
ipbProArcade
by:
Unknown
7.5
CVSS
HIGH
Remote SQL Injection
Unknown
CWE
Product Name: ipbProArcade
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

ipbProArcade Remote SQL Injection Vulnerability

A remote SQL injection vulnerability has been discovered in ipbProArcade. The vulnerability is caused by the lack of proper sanitization of user-supplied input in the 'gameid' parameter. An attacker can exploit this vulnerability to manipulate SQL query strings and potentially execute arbitrary database queries. This could lead to the disclosure or corruption of sensitive database information.

Mitigation:

To mitigate this vulnerability, it is recommended to apply the vendor-supplied patch or upgrade to a patched version of ipbProArcade. Additionally, input validation and sanitization should be implemented to prevent SQL injection attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15205/info

A remote SQL injection vulnerability reportedly affects ipbProArcade.

The problem affects the 'gameid' parameter.

An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information. 

http://www.example.com/forums/index.php?act=Arcade&module=favorites&gameid=|aLMaSTeR

Navigation

Suggest Exploit

Services By CQR