vendor:
W-Agora
by:
ihteam.net
N/A
CVSS
HIGH
SQL Injection
89
CWE
Product Name: W-Agora
Affected Version From: Up to version 4.2.1
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: a:w-agora:w-agora:4.2.1
Platforms Tested:
2007
W-Agora <= 4.2.1 SQL Injection
The W-Agora version 4.2.1 is vulnerable to SQL Injection. By exploiting this vulnerability, an attacker can execute arbitrary SQL queries on the database.
Mitigation:
The vendor has not provided a specific mitigation for this vulnerability. It is recommended to update to a newer version of W-Agora if available.