Description
SQL injection vulnerability in the login component in BestWebApp Dating Site allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by laurent gaffie · textwebappsasp
https://www.exploit-db.com/exploits/29080
References (6)
Core 6
Core References
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/1898
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488647/100/100/threaded
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23017
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30394
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/21158
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/451963/100/0/threaded
Scores
EPSS
0.0195
EPSS Percentile
83.6%
Details
Status
published
Products (1)
bestwebapp/bestwebapp_dating_site
Published
Nov 21, 2006
Tracked Since
Feb 18, 2026