SQL Injection in Video Community Portal

vendor:

Video Community Portal

by:

Unknown

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: Video Community Portal

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

2012

SQL Injection in Video Community Portal

Video Community Portal is vulnerable to an SQL injection attack due to insufficient sanitization of user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to compromise the application, access or modify data, or exploit other vulnerabilities in the underlying database.

Mitigation:

To mitigate this vulnerability, the application should properly sanitize and validate user-supplied input before using it in SQL queries. Prepared statements or parameterized queries should be used instead of dynamically concatenating user input with SQL queries.

Source

SQL Injection in Video Community Portal

Mitigation:

Exploit-DB raw data: