Scripts Genie Pet Rate Pro SQL Injection and PHP Code Execution Vulnerabilities
BID:58008
Info
Scripts Genie Pet Rate Pro SQL Injection and PHP Code Execution Vulnerabilities
| Bugtraq ID: | 58008 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 17 2013 12:00AM |
| Updated: | Feb 17 2013 12:00AM |
| Credit: | TheMirkin |
| Vulnerable: |
Scripts Genie Pet Rate Pro 0 |
| Not Vulnerable: | |
Discussion
Scripts Genie Pet Rate Pro SQL Injection and PHP Code Execution Vulnerabilities
Scripts Genie Pet Rate Pro is prone to an SQL-injection vulnerability and a PHP code-execution vulnerability because it fails to sufficiently sanitize user-supplied data.
Successfully exploiting these issues may allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or execute arbitrary PHP code in the context of the application.
Scripts Genie Pet Rate Pro is prone to an SQL-injection vulnerability and a PHP code-execution vulnerability because it fails to sufficiently sanitize user-supplied data.
Successfully exploiting these issues may allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or execute arbitrary PHP code in the context of the application.
Exploit / POC
Scripts Genie Pet Rate Pro SQL Injection and PHP Code Execution Vulnerabilities
Attackers can use a browser to exploit these issues.
Attackers can use a browser to exploit these issues.
Solution / Fix
Scripts Genie Pet Rate Pro SQL Injection and PHP Code Execution Vulnerabilities
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
Scripts Genie Pet Rate Pro SQL Injection and PHP Code Execution Vulnerabilities
References:
References:
- Pet Rate Pro Homepage (Scripts Genie)
- Scripts genie pet rate pro multiple vulnerabilities (TheMirkin)