header-logo
Suggest Exploit
vendor:
Webring service
by:
L0rd CrusAd3r
7,5
CVSS
HIGH
SQLi Vulnerability
89
CWE
Product Name: Webring service
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

The webring service SQL Injection

The Webring service offers a place where users can create their own webrings, which is a community of websites that are connected that offers more traffic to the member of the ring. With our webring service users easily create their free webring that also displays on the web site homepage, plus visitors the the users webrings can easily add their own website that is 100% moderated from the members area. This website has enormous traffic potential and features a rotating banners system and newsletter for advertising revenue.

Mitigation:

Input validation and sanitization should be done to prevent SQL injection attacks.
Source

Exploit-DB raw data:

1               ##########################################             1
0               I'm L0rd CrusAd3r member from Inj3ct0r Team            1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title:The webring service SQL Injection
Vendor url:http://getaphpsite.com
Version:1
Price:20$
Published: 2010-06-22
Greetz to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, M4n0j, Sonic Bluehat.
Special Greetz: Topsecure.net, inj3ct0r Team , Andhrahackers.com
Shoutzz:- To all ICW members.
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:

The webring service offers a place where users can create their own webrings, which is a community of websites that are connected that offers more traffic to the member of the ring.

With our webring service users easily create their free webring that also displays on the web site homepage, plus visitors the the users webrings can easily add their own website that is 100% moderated from the members area. This website has enormous traffic potential and features a rotating banners system and newsletter for advertising revenue. 

~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~

Vulnerability:

*SQLi Vulnerability

DEMO URL :

http://server/webring/category.php?cat=[sqli]

# 0day n0 m0re #
# L0rd CrusAd3r #