PT-2019-7909 · Ambit Technologies Pvt. · Itech B2B Script+11

Published: 2019-05-09 · Updated: 2019-05-10 · CVE-2017-12757

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Ambit Technologies Pvt. Ltd products, including:

iTech B2B Script version 4.42
iTech Business Networking Script version 8.26
iTech Caregiver Script version 2.71
iTech Classifieds Script version 7.41
iTech Dating Script version 3.40
iTech Freelancer Script version 5.27
iTech Image Sharing Script version 4.13
iTech Job Script version 9.27
iTech Movie Script version 7.51
iTech Multi Vendor Script version 6.63
iTech Social Networking Script version 3.08
iTech Travel Script version 9.49

Description

The issue affects certain Ambit Technologies Pvt. Ltd products and is related to SQL Injection, allowing for remote code execution.

Recommendations

For each of the affected products, update to a version that includes a fix for the SQL Injection issue. As a temporary workaround, consider restricting access to sensitive database operations until a patch is available. Avoid using user-input data directly in SQL queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2017-12757

Affected Products

Tech Business Networking Script
Tech Caregiver Script
Tech Classifieds Script
Tech Dating Script
Tech Freelancer Script
Tech Image Sharing Script
Tech Job Script
Tech Movie Script
Tech Multi Vendor Script
Tech Social Networking Script
Tech Travel Script
Itech B2B Script