Vendor: N/A
By: Mohammed Fathi, Zooka, El3arby
CVSS: 7.5 (HIGH)
Type: SQL Injection
CWE: 89
Product Name: N/A
Affected Version From: All
Affected Version To: All
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP professional
Year: 2011

SQL injection

SQL injection in the id parameter of News.php: http://xxx.com/news.php?id=[Sql]
Live: http://www.site.com/news.php?id=157[sql commands]

Mitigation:

Input validation and sanitization, use of prepared statements, use of stored procedures, use of parameterized queries, use of least privilege accounts, use of web application firewalls
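
The first two mitigations applied to a news.php-style id parameter, as an added example (not code from the affected product or from the original entry). The table and column names, the SQLite demo database and the sample values are assumptions, since the product's source is not shown here.

```php
<?php
// Added example: hardened lookup for a news.php-style "id" parameter.
// Assumed schema: news(id, title, body). Sample rows are constructed.

// Return the id as an int, or null unless it is a plain positive integer.
function parse_news_id($raw): ?int
{
    if (!is_string($raw)) {
        return null; // e.g. ?id[]=1 arrives as an array
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// The SQL text is constant; the id travels only as a bound integer.
function fetch_news(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT id, title, body FROM news WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Offline demo with an in-memory SQLite database (requires pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT, body TEXT)');
$db->exec("INSERT INTO news VALUES (157, 'Constructed headline', 'Constructed body')");

// In news.php the value would come from $_GET['id'].
foreach (['157', '158', '157abc', '', ['157']] as $raw) {
    $shown = is_array($raw) ? 'array' : "'" . $raw . "'";
    $id = parse_news_id($raw);
    if ($id === null) {
        echo "$shown: rejected (400)\n";
        continue;
    }
    $row = fetch_news($db, $id);
    echo $row === null
        ? "$shown: not found (404)\n"
        : "$shown: " . htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8') . "\n";
}
```

Anything that is not a plain positive integer is rejected before a query is built, and a valid id reaches the database only as a bound parameter, so the request value never becomes part of the SQL text.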

Exploit-DB raw data:

# Exploit Title: [Sql injextion]
# Google Dork: [Website Powered By ReadMore Systems,
Incorporated<http://readmoresystems.com/>
]
# Date: [02/03/2011]
# Author: [Mohammed Fathi(vBzone),Zooka, El3arby (Egyption Hacker's]
# Software Link: [http://readmoresystems.com]
# Version: [All]
# Tested on: [Windows XP professional]
# CVE : [if exists]
Sql injection on file News.php?id=
http://xxx.com/news.php?id=[Sql]
---- Live --
http://www.site.com/news.php?id=157[sql commends]
----
By Zooka,vBzone
http://tantaday.com