IQID:14379 HTTP Schoolhos CMS SQL Injection Vulnerability S
IQID: 14379 - December 2016
The sql injection vulnerability is located in the `user` parameter of the `index?p=userberita` module GET method request. Remote attackers are able to execute own sql commands by usage of an insecure GET method request through the vulnerable parameter of the own application. The attack vector of the vulnerability is application-side and the request method to inject is GET. The security vulnerability in the content management system is a classic select remote sql-injection.
A Full Description is available for this threat, please sign in for access to Full Description.
Attack Data
Attack Data is available for this threat, please sign in for access to Attack Data.
CVSS Information
CVSS Information is available for this threat, please sign in for access to CVSS Information.
Date
Date Information is available for this threat, please sign in for access to Date Information.
Security Rule
A security rule is available to identify this threat, please sign in for access to security rules.
Permalink
Link directly to this page.
http://www.idappcom.com/db/?14379
© 2024 by IDappcom. Privacy policy. IDappcom Ltd, 6 Rural Enterprise Centre, Ludlow, Shropshire, SY8 1FF.