vendor:
WebJaxe
by:
IHTeam
7,5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: WebJaxe
Affected Version From: 1.01
Affected Version To: 1.01
Patch Exists: NO
Related CWE: N/A
CPE: a:obspm:webjaxe
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Win/Linux
2010
WebJaxe Sql Injection
An unauthenticated attacker can inject malicious SQL queries into the vulnerable WebJaxe application. This can allow the attacker to gain access to sensitive information such as usernames and passwords.
Mitigation:
Input validation should be used to prevent SQL injection attacks. Additionally, authentication should be used to prevent unauthenticated users from accessing the vulnerable application.
