CJ Ultra Plus SQL Injection Vulnerability

vendor:

CJ Ultra Plus

by:

SecurityFocus

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: CJ Ultra Plus

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2004

CJ Ultra Plus SQL Injection Vulnerability

CJ Ultra Plus is prone to an SQL injection vulnerability. This issue affects the 'out.php' script and could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.

Mitigation:

Input validation and proper sanitization of user-supplied data should be implemented to prevent SQL injection attacks.

Source

CJ Ultra Plus SQL Injection Vulnerability

Mitigation:

Exploit-DB raw data: