vendor:
W3infotech Web Application
by:
ViRuS_HiMa
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: W3infotech Web Application
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2007
W3infotech ( Auth Bypass ) SQL injection Vulnerability
The vulnerability exists in the W3infotech web application, which allows an attacker to bypass authentication by using the password 'hima' or 'a'='a' in both the username and password fields.
Mitigation:
Input validation should be used to prevent SQL injection attacks.