Infinitytechs Restaurants CM

2006.12.07

Credit: laurent gaffi & benjamin moss

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2006-6269

CWE: CWE-Other

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

product:Infinitytechs Restaurants CM 
bug:injection sql
risk:medium

injection sql:
/rating.asp?id='[sql]
/meal_rest.asp?mealid='[sql]
/res_details.asp?resid='[sql]

laurent gaffi & benjamin moss
http://s-a-p.ca/
contact: saps.audit (at) gmail (dot) com [email concealed]

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Infinitytechs Restaurants CM

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Infinitytechs Restaurants CM

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.