vendor:
http://www.nconf.org/
by:
2013
Nconf is vulnerable to SQL injection in most of its files. They did not sanitize any GET or POST fields. Some of them are: blind SQL injection in handle_item.php on the Id parameter; delete_attr.php; clone_host_write2db.php. A simple reflected XSS. A local path disclosure.
CVSS
N/A
Modify_attr.php etc.: multiple SQL injection
CWE
Product Name: http://www.nconf.org/
Affected Version From: NO
Affected Version To: nconf 1.3
Patch Exists: Sanitize all GET, POST, and FILED parameters before using them in SQL queries.
Related CWE: Saadat Ullah
CPE: nconf 1.3
Other Scripts:
Platforms Tested: nconf
MEDIUM

nconf handle_item.php

SQL injection

Mitigation:

89
Source

Exploit-DB raw data: