 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.14226 |
| Categoría: | Web application abuses |
| Título: | phpBB Fetch All < 2.0.12 SQLi Vulnerability |
| Resumen: | phpBB Fetch All is prone to a SQL injection (SQLi); vulnerability. |
| Descripción: | Summary: phpBB Fetch All is prone to a SQL injection (SQLi) vulnerability. Vulnerability Insight: It is reported that this version of phpBB Fetch All is susceptible to an SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it in an SQL query. The successful exploitation of this vulnerability depends on the implementation of the web application that includes phpBB Fetch All as a component. It may or may not be possible to effectively pass malicious SQL statements to the underlying function. Vulnerability Impact: Successful exploitation could result in compromise of the application, disclosure or modification of data or may permit an attacker to exploit vulnerabilities in the underlying database implementation. Affected Software/OS: phpBB Fetch All versions prior to 2.0.12. Solution: Update to version 2.0.12 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Copyright | Copyright (C) 2004 David Maciejak |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |