Vendor: FAQ Manager Pro, Poll Manager Pro
By: SecurityFocus
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: FAQ Manager Pro, Poll Manager Pro
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Unknown
2008

Multiple Ocean12 products are prone to an SQL-injection vulnerability

Multiple Ocean12 products are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An example of vulnerable code is provided in the source.

Mitigation:

Input validation should be used to ensure that user-supplied data is properly sanitized.
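
As an added illustration of this mitigation (not code from the advisory or from the Ocean12 products), the example below contrasts a login lookup that concatenates the `Admin_ID` and `Password` request values into the SQL text with one that validates them and binds them as parameters. SQLite stands in for the product's database, and the table, column and function names are assumptions.

```python
import sqlite3

def make_db():
    # Constructed stand-in for the admin table; names are assumptions.
    # Plaintext passwords keep the example short; real systems store hashes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE admins (admin_id TEXT PRIMARY KEY, password TEXT)")
    db.execute("INSERT INTO admins VALUES (?, ?)", ("o'neil", "pass"))
    db.execute("INSERT INTO admins VALUES (?, ?)", ("admin", "s3cret"))
    return db

def login_concatenated(db, admin_id, password):
    """'Before' pattern: request values are pasted into the SQL text."""
    sql = ("SELECT COUNT(*) FROM admins WHERE admin_id = '" + admin_id +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone()[0] == 1

def login_parameterized(db, admin_id, password):
    """'After' pattern: values travel as bound parameters, never as SQL text."""
    # Input validation as a first gate: reject empty, over-long or
    # non-printable values before they reach the database layer.
    for value in (admin_id, password):
        if not (0 < len(value) <= 64) or not value.isprintable():
            return False
    row = db.execute(
        "SELECT COUNT(*) FROM admins WHERE admin_id = ? AND password = ?",
        (admin_id, password),
    ).fetchone()
    return row[0] == 1

def demo():
    db = make_db()
    results = {}
    # A legitimate ID containing an apostrophe alters the statement's structure
    # in the concatenated version, so the database reports a syntax error.
    try:
        results["concatenated"] = login_concatenated(db, "o'neil", "pass")
    except sqlite3.OperationalError as exc:
        results["concatenated"] = "error: " + type(exc).__name__
    # The same value is treated purely as data when bound as a parameter.
    results["parameterized"] = login_parameterized(db, "o'neil", "pass")
    results["wrong_password"] = login_parameterized(db, "o'neil", "nope")
    return results

if __name__ == "__main__":
    print(demo())
```

Unexpected database syntax errors on a login endpoint, like the one the concatenated version raises here, are also a useful signal to alert on in application logs.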
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/32527/info

Multiple Ocean12 products are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data.

A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The following applications are vulnerable:

Ocean12 FAQ Manager Pro
Ocean12 Poll Manager Pro 

http://www.example.com/login.asp?Admin_ID=[SQL]&Password=pass