header-logo
Suggest Exploit
vendor:
Gazi Okul Sitesi
by:
Unknown
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Gazi Okul Sitesi
Affected Version From: 2007
Affected Version To: 2007
Patch Exists: NO
Related CWE:
CPE: a:gazi_okul_sitesi:2007
Metasploit:
Other Scripts:
Platforms Tested:
2007

SQL Injection vulnerability in Gazi Okul Sitesi

The Gazi Okul Sitesi web application is prone to an SQL-injection vulnerability due to insufficient sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Mitigation:

To mitigate this vulnerability, proper input validation and sanitization techniques should be implemented to ensure that user-supplied data is properly handled before being used in SQL queries.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/23316/info

Gazi Okul Sitesi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

This issue affects Gazi Okul Sitesi 2007. 

http://www.example.com//fotokategori.asp?'%20union%20select%201,2,3,password,5,6,username,8%20from%20admin

Navigation

Suggest Exploit

Services By CQR