Published: 26/11/2005 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 775

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Subscribe to Web Hosting Directory Script

Multiple SQL injection vulnerabilities in Softbiz Web Host Directory Script 1.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) cid parameter in search_result.php, (2) sbres_id parameter in review.php, (3) cid parameter in browsecats.php, (4) h_id parameter in email.php, and (5) an unspecified parameter to the search module.

Vulnerable Product	Search on Vulmon	Subscribe to Product
softbiz web hosting directory script

source: wwwsecurityfocuscom/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query Successful exploitation could result in a compromise of the application, disclosure or ...

source: wwwsecurityfocuscom/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query Successful exploitation could result in a compromise of the application, disclosure o ...

source: wwwsecurityfocuscom/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query Successful exploitation could result in a compromise of the application, disclosu ...

# Exploit Title: SoftBizScripts Hosting Script SQL Injection Vunerability # Date: 29-4-2010 # Author: 41w4r10r # Vendor Link : softbizscriptscom/ # Version: Web Application # Tested on: Apcahe/Unix # CVE : [if exists] # Dork : inurl:"browsecatsphp?cid=" # Code : ---------------------------------------------------------------------------- ...

source: wwwsecurityfocuscom/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query Successful exploitation could result in a compromise of the application, disclosure ...

CWE-89 http://www.securityfocus.com/bid/15561 http://secunia.com/advisories/17724 http://www.osvdb.org/21079 http://www.osvdb.org/21080 http://www.osvdb.org/21081 http://www.osvdb.org/21082 http://www.osvdb.org/21083 http://pridels0.blogspot.com/2005/11/web-host-directory-script-multiple.html http://www.vupen.com/english/advisories/2005/2557 https://exchange.xforce.ibmcloud.com/vulnerabilities/23208 https://nvd.nist.gov https://www.exploit-db.com/exploits/26580/

CVE-2005-3817

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect