vendor:
Angelo-Emlak v1.0
by:
U238
9
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Angelo-Emlak v1.0
Affected Version From: Angelo-Emlak v1.0
Affected Version To: Angelo-Emlak v1.0
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Angelo-Emlak v1.0 Multiple Remote SQL injection Vulnerable
Angelo-Emlak v1.0 is vulnerable to multiple remote SQL injection attacks. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as user credentials and other confidential data. The attacker can also execute arbitrary code on the server.
Mitigation:
The application should be tested for SQL injection vulnerabilities and any vulnerable code should be fixed. Input validation should be implemented to prevent malicious input from being processed by the application.