Description - X-Forwarded-For SQL Injection in DSCounter
SQL Injection found in DSCounter script.
- Exploit
- Available
- Solution
- Not available - check vendor's website
Vulnerable script: index.php
Environment variable HTTP_X_FORWARDED_FOR isn't properly sanitized before its value being used in the SQL query. This can be used to make any SQL query by injecting arbitrary SQL code.
Condition: magic_quotes_gpc = off
Order Source Code Audit
Prevent attacks by source code audit of your website or web application made by eVuln team.The work will be done by experts in website security.