ClassApps SelectSurvey.net Multiple SQL Injection Vulnerabilities
BID:69885
Info
ClassApps SelectSurvey.net Multiple SQL Injection Vulnerabilities
| Bugtraq ID: | 69885 |
| Class: | Input Validation Error |
| CVE: |
CVE-2014-6030 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 17 2014 12:00AM |
| Updated: | Sep 17 2014 12:00AM |
| Credit: | BillV-Lists |
| Vulnerable: |
Atomic Design ClassApps SelectSurvey.net 4.124.4 |
| Not Vulnerable: |
Atomic Design ClassApps SelectSurvey.net 4.125.2 |
Discussion
ClassApps SelectSurvey.net Multiple SQL Injection Vulnerabilities
ClassApps SelectSurvey.net is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input.
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
SelectSurvey.net 4.124.004 is vulnerable; other versions may also be affected.
ClassApps SelectSurvey.net is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input.
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
SelectSurvey.net 4.124.004 is vulnerable; other versions may also be affected.
Solution / Fix
ClassApps SelectSurvey.net Multiple SQL Injection Vulnerabilities
Solution:
Reportedly the issue is fixed, however Symantec has not confirmed this. Please contact the vendor for more information.
Solution:
Reportedly the issue is fixed, however Symantec has not confirmed this. Please contact the vendor for more information.