vendor:
Hot or Not
by:
L0rd CrusAd3r
7,5
CVSS
HIGH
SQLi Vulnerability
89
CWE
Product Name: Hot or Not
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010
Pictue rating SQL Vulnerable
The Hot or Not site is a picture rating website where people can post pictures for other's to rate and post comments on. The site also features an email system for members to communicate through the website. This is is an excellent traffic builder with advertising revenue potential.
Mitigation:
Input validation and sanitization should be done to prevent SQL injection attacks.