vendor:
DT Register
by:
Ihsan Sencan
9.8
CVSS
CRITICAL
SQL Injection
89
CWE
Product Name: DT Register
Affected Version From: 3.2.7
Affected Version To: 3.2.7
Patch Exists: YES
Related CWE: CVE-2018-6584
CPE: a:dthdevelopment:dt_register:3.2.7
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: WiN7_x64/KaLiLinuX_x64
2018
Joomla! Component DT Register 3.2.7 – SQL Injection
A SQL injection vulnerability exists in Joomla! Component DT Register 3.2.7. An attacker can send a malicious SQL query to the vulnerable parameter 'id' in the 'index.php' file to execute arbitrary SQL commands in the application's database.
Mitigation:
The vendor has released an update to address this vulnerability. Users are advised to update to the latest version of the software.