vendor:
Pixelactivo
by:
Snakespc
9
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Pixelactivo
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Pixelactivo Remote SQL Injection Vulnerability
An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The crafted request contains malicious SQL statements that are executed in the context of the application's database user. This can be used to access or modify data in the database, or to execute administrative operations on the database (such as shutdown the DBMS).
Mitigation:
Input validation should be used to prevent SQL injection attacks. Input validation should be applied on both client-side and server-side. Additionally, parameterized queries should be used to prevent SQL injection.
