Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> CGI abuses >> wpoison (nasl version)


Vulnerability Assessment Details

wpoison (nasl version)

Vulnerability Assessment Summary
Some common SQL injection techniques

Detailed Explanation for this Vulnerability Assessment

This script attempts to use SQL injection techniques on CGI scripts

See also :

http://www.securiteam.com/securityreviews/5DP0N1P76E.html (basic SQL injection)

http://www.securitydocs.com/library/2651 (Blind SQL injection)


Solution : Modify the relevant CGIs so that they properly escape arguments.

Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2002 John Lampe...j_lampe@bellsouth.net

Cables, Connectors

Infineon HYS64V16300GU-7-C2 SDRAM 128MB PC-133 Non ECC 133Mhz RAM Memory
$4.5
Infineon HYS64V16300GU-7-C2 SDRAM 128MB PC-133 Non ECC 133Mhz RAM Memory pictureMacBook Pro 15" A1286 Early 2011, 2 GHz Intel i7, 16 GB Memory & 500 GB hdd
$0.99
MacBook Pro 15SK Hynix 16GB 2*8GB DDR4 2400 LAPTOP MEMORY 260pin SODIMM HMA81GS6AFR8N
$79.99
SK Hynix 16GB 2*8GB DDR4 2400 LAPTOP MEMORY  260pin SODIMM HMA81GS6AFR8N pictureSamsung 8gb (2x4GB) 1RX8 PC4-2133P SO-DIMM Laptop RAM Memory DDR4
$35.99
Samsung 8gb (2x4GB) 1RX8 PC4-2133P SO-DIMM Laptop RAM Memory DDR4 picture


Discussions

No Discussions have been posted on this vulnerability.