vendor:
allCineVid
by:
Salvatore Fresta aka Drosophila
7.5
CVSS
HIGH
Blind SQL Injection
89
CWE
Product Name: allCineVid
Affected Version From: 1.0.0
Affected Version To: 1.0.0
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2011
allCineVid Joomla Component 1.0.0 Blind SQL Injection Vulnerability
A parameter is not properly sanitised before being used in SQL queries, allowing attackers to manipulate SQL queries by injecting arbitrary SQL code.
Mitigation:
No fix.