vendor:
N/A
by:
wlhaan hacker
9
CVSS
HIGH
SQL Injection
89
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020
Joomla Component com_mdigg(category) SQL-injection vulnerability
An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This request contains an SQL query that when executed, will return the username and password of the application's users. The attacker can then use this information to gain access to the application.
Mitigation:
The best way to mitigate this vulnerability is to ensure that user input is properly sanitized and validated before being used in an SQL query.