header-logo
Suggest Exploit
vendor:
by:
Unknown
7.5
CVSS
HIGH
SQL Injection and HTML Injection
89
CWE
Product Name:
Affected Version From:
Affected Version To:
Patch Exists: Unknown
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Multiple vulnerabilities in software allowing SQL injection and HTML injection attacks

The software is prone to multiple vulnerabilities that allow remote attackers to carry out SQL injection and HTML injection attacks. These vulnerabilities may also lead to unauthorized access to user accounts.

Mitigation:

To mitigate these vulnerabilities, it is recommended to apply the latest security patches and updates for the software. Additionally, input validation and sanitization techniques should be implemented to prevent SQL injection and HTML injection attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11363/info
  
Multiple vulnerabilities have been identified in the software that may allow a remote attacker to carry out SQL injection and HTML injection attacks. An attacker may also gain unauthorized access to a user's account.
  
DUclassmate may allow unauthorized remote attackers to gain access to a computer.
  
DUclassified is reported prone to multiple SQL injection vulnerabilities.
  
SQL injection issues also affect DUforum.
  
DUclassified and DUforum are also reported vulnerable to various unspecified HTML injection vulnerabilities.

http://www.example.com/DUforum/messages.asp?FOR_ID=1;[SQL INJECT]

Navigation

Suggest Exploit

Services By CQR