vendor:
Pagetool
by:
Katatafish
7.5
CVSS
HIGH
Remote SQL Injection
89
CWE
Product Name: Pagetool
Affected Version From: 01.07
Affected Version To: 01.07
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
pagetool-1.07 Remote SQL Injection
The pagetool-1.07 version is vulnerable to a remote SQL injection. This can be exploited by an attacker by sending a specially crafted request to the index.php file with a malicious payload in the 'name' parameter. This allows the attacker to retrieve sensitive information from the database.
Mitigation:
Update to a patched version of Pagetool or use a different software solution that is not vulnerable to SQL injection.
