vendor:
Emporium
by:
Hussin X
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Emporium
Affected Version From: 2.3.2000
Affected Version To: 2.3.2000
Patch Exists: No
Related CWE: N/A
CPE: a:burnwave:emporium:2.3.0
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
PHP-Nuke Module Emporium 2.3.0 (id_catg) SQL Injection Vulnerability
A SQL injection vulnerability exists in the Emporium 2.3.0 module for PHP-Nuke. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database.
Mitigation:
Input validation should be used to prevent SQL injection attacks. Additionally, parameterized queries should be used to prevent SQL injection attacks.