header-logo
Suggest Exploit
vendor:
Levent Veysi Portal
by:
Unknown
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Levent Veysi Portal
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

SQL Injection Vulnerability in Levent Veysi Portal

The Levent Veysi Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.

Mitigation:

To mitigate this vulnerability, the developer should implement proper input validation and parameterized queries to prevent SQL injection attacks. Additionally, keeping the software up-to-date with security patches can help prevent such vulnerabilities.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24794/info

Levent Veysi Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.

This issue affects Levent Veysi Portal 1.0; other versions may also be affected. 

http://www.example.com/script_path/oku.asp?id=-1+union+select+0,1,kullaniciadi,sifre+from+admin