vendor:
Hosting Script
by:
41.w4r10r
7,5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Hosting Script
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Apache/Unix
2010
SoftBizScripts Hosting Script SQL Injection Vunerability
SoftBizScripts Hosting Script is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a crafted HTTP request with malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, modify data, execute administration operations on the database and in some cases issue commands to the operating system.
Mitigation:
Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL statements. Additionally, parameterized queries should be used to prevent SQL injection attacks.
