header-logo
Suggest Exploit
vendor:
Audiens
by:
7.5
CVSS
HIGH
Input-Validation
CWE
Product Name: Audiens
Affected Version From: 3.3
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Audins Audiens Input-Validation Vulnerabilities

Multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, allow an attacker to steal authentication credentials, compromise the application, retrieve and overwrite sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Mitigation:

Implement proper input validation and sanitization techniques. Use parameterized queries or prepared statements to prevent SQL injection. Apply output encoding to prevent XSS attacks. Regularly update and patch the application to address any known vulnerabilities.
Source

Exploit-DB raw data:

Audins Audiens is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied input.
 
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, retrieve and overwrite sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
 
Audins Audiens version 3.3 is vulnerable; other versions may also be affected. 

http://www.example.com/[path]/setup.php/>"><ScRiPt>alert('XSS')%3B</ScRiPt>

Navigation

Suggest Exploit

Services By CQR