header-logo
Suggest Exploit
vendor:
Ripe Website Manager
by:
Unknown
7.5
CVSS
HIGH
Input-Validation
79
CWE
Product Name: Ripe Website Manager
Affected Version From: Versions prior to Ripe Website Manager 0.8.10
Affected Version To: Unknown
Patch Exists: YES
Related CWE: Not provided
CPE: Not provided
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Ripe Website Manager Multiple Input-Validation Vulnerabilities

Ripe Website Manager is prone to multiple input-validation vulnerabilities, including HTML- and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Mitigation:

Update to Ripe Website Manager version 0.8.10 or later.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/25406/info

Ripe Website Manager is prone to multiple input-validation vulnerabilities, including HTML- and SQL-injection issues.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

These issues affect versions prior to Ripe Website Manager 0.8.10. 

http://example.com/admin/pages/delete_page.php?id=0 or 1=1

Navigation

Suggest Exploit

Services By CQR