vendor:
Mega ADS Portal
by:
Hussin X
9.8
CVSS
HIGH
Remote SQL Injection
89
CWE
Product Name: Mega ADS Portal
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Mega ADS Portal (cid) Remote SQL Injection Vulnerability
A remote SQL injection vulnerability exists in the Mega ADS Portal (cid) due to insufficient sanitization of user-supplied input. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to gain access to sensitive information such as usernames, passwords, emails, and other confidential data stored in the database.
Mitigation:
The application should validate user-supplied input and sanitize it before using it in SQL queries.