PT-2009-4794 · Datacheck Solutions · Gallerypal Fe
Publicado
2009-07-08
·
Atualizado
2017-08-17
·
CVE-2009-2365
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
DataCheck Solutions GalleryPal FE version 1.5
Description
A SQL injection issue exists in the login.asp file, allowing remote attackers to execute arbitrary SQL commands. The exact vectors used for the attack are not specified.
Recommendations
For version 1.5, update to a newer version that addresses this issue, as the current version allows remote attackers to execute arbitrary SQL commands via unspecified vectors. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Gallerypal Fe