vendor:
phpDealerLocator
by:
Robert Cooper
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: phpDealerLocator
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Linux/Windows 7
2011
phpDealerLocator – Multiple SQL Injection vulnerabilities
The phpDealerLocator software is vulnerable to multiple SQL Injection vulnerabilities. An attacker can exploit these vulnerabilities by sending maliciously crafted requests to the vulnerable parameters. For example, an attacker can send a request to the record.php?Dealer_ID= parameter with the following payload: http://www.example.com/Locator/record.php?Dealer_ID=00000026 union all select 1,2,3,4,5,group_concat(Users_Name,0x3a,Users_Password,0x0a),7,8 FROM users--, which will allow the attacker to extract the usernames and passwords of all users in the database.
Mitigation:
Developers should ensure that user input is properly sanitized and validated before being used in SQL queries. Additionally, developers should use parameterized queries to prevent SQL injection attacks.
