vendor:
Webthaiapp
by:
Xelenonz
7,5
CVSS
HIGH
Blind SQL Injection
89
CWE
Product Name: Webthaiapp
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010
Webthaiapp detail.php(cat) Blind Sql injection Vulnerability
A vulnerability exists in Webthaiapp detail.php(cat) which allows an attacker to inject malicious SQL queries into the application. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code in the 'cat' parameter in the 'detail.php' script. This can be used to access or delete information from the database, or to exploit further vulnerabilities in the underlying system.
Mitigation:
Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries.
