vendor:
RepairShop 2
by:
kaMtiEz
7.5
CVSS
HIGH
SQL Injection and Cross-site Scripting
CWE
Product Name: RepairShop 2
Affected Version From: 1.9.023 Trial
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2010
RepairShop 2 SQL Injection and Cross-site Scripting Vulnerabilities
The SQL-injection vulnerability and the cross-site scripting vulnerability in RepairShop 2 allows an attacker to steal authentication credentials, control the site's rendering, compromise the application, access or modify data, or exploit other vulnerabilities in the database.
Mitigation:
No fix available