vendor:
PG All Share Video
by:
Ihsan Sencan
9,8
CVSS
CRITICAL
SQL Injection
89
CWE
Product Name: PG All Share Video
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: CVE-2017-15969
CPE: a:pilotgroup:pg_all_share_video:1.0
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: WiN7_x64/KaLiLinuX_x64
2017
PG All Share Video 1.0 – SQL Injection
The vulnerability allows an attacker to inject sql commands into the vulnerable parameters of the application. The vulnerable parameters are search/tag, friends/index, users/profile and video_catalog/category. The payloads used for exploiting the vulnerability are AND boolean-based blind - WHERE or HAVING clause, MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR), MySQL >= 5.0.12 AND time-based blind and Generic UNION query (NULL) - 3 columns.
Mitigation:
Input validation and sanitization should be done to prevent SQL injection attacks.
