vendor:
NeoBill
by:
SecurityFocus
7,5
CVSS
HIGH
Multiple Security Vulnerabilities
N/A
CWE
Product Name: NeoBill
Affected Version From: 0.9-alpha
Affected Version To: 0.9-alpha
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2013
NeoBill Multiple Security Vulnerabilities
NeoBill is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to execute arbitrary commands, to execute local script code in the context of the application, the attacker may be able to obtain sensitive information that may aid in further attacks. The exploit code provided in the description can be used to exploit the vulnerability.
Mitigation:
NeoBill should be updated to the latest version to mitigate the risk of exploitation.
