vendor:
xhresim
by:
EcHoLL
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: xhresim
Affected Version From: All versions
Affected Version To: All versions
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
XOOPS Module: xhresim All Version
A SQL injection vulnerability exists in XOOPS Module: xhresim All Version. An attacker can send a specially crafted HTTP request to the vulnerable script and execute arbitrary SQL commands in application's database. This can be exploited to disclose sensitive information from the database, modify data, or exploit further vulnerabilities in the underlying system.
Mitigation:
Input validation should be used to prevent SQL injection attacks.