header-logo
Suggest Exploit
vendor:
APT-webshop
by:
Unknown
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: APT-webshop
Affected Version From: APT-webshop 3.0 light, 3.0 basic, and 4.0 pro
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Multiple SQL Injection Vulnerabilities in APT-webshop

APT-webshop is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

Mitigation:

To mitigate these vulnerabilities, it is recommended to implement proper input validation and sanitization techniques to prevent SQL injection attacks. Additionally, keeping the application and underlying database software up to date with the latest patches and security fixes is advised.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/17425/info

APT-webshop is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. 

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

APT-webshop 3.0 light, 3.0 basic, and 4.0 pro are reported prone to these issues. Other versions may be vulnerable as well.

http://www.example.com/modules.php?warp=artikel&group=[SQL]
http://www.example.com/modules.php?warp=artikel&group=&seite=[SQL]
http://www.example.com/modules.php?warp=artikel&group=&seite=&id=[SQL]