vendor:
Just Another Video Script
by:
Ihsan Sencan
8,8
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Just Another Video Script
Affected Version From: 1.4.3
Affected Version To: 1.4.3
Patch Exists: NO
Related CWE: N/A
CPE: justanothervideoscript.com
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Win7 x64, Kali Linux x64
2017
Just Another Video Script 1.4.3 – SQL Injection
A SQL injection vulnerability exists in Just Another Video Script 1.4.3. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as user credentials, or even execute arbitrary code on the server.
Mitigation:
Developers should always sanitize user input and use parameterized queries to prevent SQL injection attacks.
