askiaweb CVE-2013-0123 Multiple SQL Injection Vulnerabilities
BID:58602
Info
askiaweb CVE-2013-0123 Multiple SQL Injection Vulnerabilities
| Bugtraq ID: | 58602 |
| Class: | Input Validation Error |
| CVE: |
CVE-2013-0123 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 20 2013 12:00AM |
| Updated: | Mar 20 2013 12:00AM |
| Credit: | Anonymous |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
askiaweb CVE-2013-0123 Multiple SQL Injection Vulnerabilities
askiaweb is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using in an SQL query.
Exploiting these issues allows an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
askiaweb is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using in an SQL query.
Exploiting these issues allows an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Exploit / POC
askiaweb CVE-2013-0123 Multiple SQL Injection Vulnerabilities
An attacker can use a browser to exploit these issues.
An attacker can use a browser to exploit these issues.
Solution / Fix
askiaweb CVE-2013-0123 Multiple SQL Injection Vulnerabilities
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
askiaweb CVE-2013-0123 Multiple SQL Injection Vulnerabilities
References:
References: