header-logo
Suggest Exploit
vendor:
phpaaCms
by:
CoBRa_21
7,5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: phpaaCms
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

phpaaCms (list.php?id) SQL Injection Vulnerability

A SQL injection vulnerability exists in phpaaCms due to improper sanitization of user-supplied input in the 'id' parameter of the 'list.php' script. An attacker can exploit this vulnerability to execute arbitrary SQL commands in the application's database, allowing them to access or modify sensitive data.

Mitigation:

Input validation should be used to ensure that user-supplied data is properly sanitized before being used in SQL queries.
Source

Exploit-DB raw data:

########################################################################################

phpaaCms (list.php?id) SQL Injection Vulnerability

########################################################################################

Author : CoBRa_21

Script Home : http://phpaa.cn

Dork : null

########################################################################################
 
Sql Injection:

http://localhost/[path]/list.php?id=161'    (SQL İnj.)

########################################################################################

Navigation

Suggest Exploit

Services By CQR