header-logo
Suggest Exploit
vendor:
HuronCMS
by:
Not mentioned
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: HuronCMS
Affected Version From: Huron CMS 8
Affected Version To: Huron CMS 11
Patch Exists: NO
Related CWE: Not mentioned
CPE: Not mentioned
Metasploit:
Other Scripts:
Platforms Tested: Not mentioned
2007

SQL Injection Vulnerabilities in HuronCMS

HuronCMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Mitigation:

To mitigate these vulnerabilities, it is recommended to implement proper input validation and sanitization techniques to ensure that user-supplied data is properly handled before being used in SQL queries.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/39685/info

HuronCMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Huron CMS 8 11 2007 is vulnerable; other versions may also be affected. 

The following example data are available:

Username: 'or 1=1/*
Password: 'or 1=1/*

Navigation

Suggest Exploit

Services By CQR