Vendor: KMSoft GB
By: SONiC
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: KMSoft GB
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

KMSoft GB – SQL Injection Vulnerability

KMSoft GB is vulnerable to SQL injection. An attacker can inject malicious SQL queries into the vulnerable parameter 'p' in the URL http://www.site.org/demo/KmsoftGB/default.asp?p=2[sqli], which can be used to access or modify the contents of the database.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in an SQL query.
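
The mitigation above, shown as an added example (not KMSoft GB's code, which is classic ASP and does not appear on this page): Python with an in-memory SQLite table stands in for the guestbook, with the concatenated query beside the validated, parameterized one. The `entries` schema, `MAX_PAGE` and all function names are assumptions, and the sample rows and request values are constructed.

```python
import sqlite3

MAX_PAGE = 10_000  # assumed upper bound for the guestbook page number


def make_db():
    """Constructed sample data; the schema is an assumption, not KMSoft GB's."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE entries (id INTEGER PRIMARY KEY, page INTEGER,"
                 " active INTEGER, message TEXT)")
    conn.executemany(
        "INSERT INTO entries (page, active, message) VALUES (?, ?, ?)",
        [(1, 1, "hello"), (2, 1, "nice site"),
         (2, 0, "held for moderation"), (3, 1, "thanks")])
    return conn


def entries_concatenated(conn, raw_p):
    """'Before' form: the raw 'p' value becomes part of the SQL text."""
    sql = "SELECT message FROM entries WHERE active = 1 AND page = " + raw_p
    return [row[0] for row in conn.execute(sql)]


def parse_page(raw_p):
    """Allow-list validation: ASCII digits only, then a range check."""
    if not (isinstance(raw_p, str) and raw_p.isascii() and raw_p.isdigit()
            and len(raw_p) <= 5):
        raise ValueError("p must be a positive integer")
    page = int(raw_p)
    if not 1 <= page <= MAX_PAGE:
        raise ValueError("p out of range")
    return page


def entries_parameterized(conn, raw_p):
    """Hardened form: validate first, then bind the value as a parameter."""
    sql = "SELECT message FROM entries WHERE active = 1 AND page = ?"
    return [row[0] for row in conn.execute(sql, (parse_page(raw_p),))]


if __name__ == "__main__":
    db = make_db()
    for value in ("2", "2 OR 1=1"):  # constructed request values
        print(repr(value), "concatenated ->", entries_concatenated(db, value))
        try:
            print(repr(value), "parameterized ->", entries_parameterized(db, value))
        except ValueError as err:
            print(repr(value), "rejected:", err)
```

In classic ASP the same two steps map to an integer check on `Request.QueryString("p")` followed by an `ADODB.Command` with a bound parameter instead of a concatenated SQL string.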

Exploit-DB raw data:

==============================================================
KMSoft GB -- SQL Injection Vulnerability
==============================================================


Name : KMSoft GB -- SQL Injection Vulnerability
Date : July 9, 2010
Critical Level : VERY HIGH
Vendor URL : http://www.kmsoft.org


Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>

special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,Bunny,Nishi,MA1201,RJ,D3aD F0x

greetz to :www.topsecure.net ,All ICW members , iNj3cT0r.com, www.andhrahackers.com

special Shoutz : my Girl Frnd [H*****] 


###################################
I'm SONiC member from Inj3ct0r Team
################################### 
Description:

* Really easy script setup, using and modifications.
* Turning Number (CAPTCHA).
* Bad-Words Filter.
* Web based admin functions (active message / deactive message / special message (ON-OFF) | view / add / edit / delete records)


#######################################################################################################
Xploit : SQL Injection Vulnerability

DEMO URL : http://www.site.org/demo/KmsoftGB/default.asp?p=2[sqli]



###############################################################################################################

# ..::[ SONiC ]::.. aka the_pshyco