Basic Analysis and Security Engine has an SQL injection vulnerability due to unsanitized user input.
Reporter | Title | Published | Views | Family All 12 |
---|---|---|---|---|
OpenVAS | FreeBSD Ports: base | 4 Sep 200800:00 | – | openvas |
OpenVAS | Debian Security Advisory DSA 893-1 (acidlab) | 17 Jan 200800:00 | – | openvas |
OpenVAS | FreeBSD Ports: base | 4 Sep 200800:00 | – | openvas |
OpenVAS | Debian: Security Advisory (DSA-893-1) | 17 Jan 200800:00 | – | openvas |
Debian | [SECURITY] [DSA 893-1] New acidlab packages fix SQL injection | 14 Nov 200509:56 | – | debian |
Debian | [SECURITY] [DSA 893-1] New acidlab packages fix SQL injection | 14 Nov 200509:56 | – | debian |
Cvelist | CVE-2005-3325 | 27 Oct 200504:00 | – | cvelist |
NVD | CVE-2005-3325 | 27 Oct 200510:02 | – | nvd |
Tenable Nessus | FreeBSD : base -- PHP SQL injection vulnerability (f38c87a5-4a3e-11da-8ba2-0004614cc33d) | 13 May 200600:00 | – | nessus |
Tenable Nessus | Debian DSA-893-1 : acidlab - missing input sanitising | 14 Oct 200600:00 | – | nessus |
source: https://www.securityfocus.com/bid/15199/info
Basic Analysis And Security Engine is prone to an SQL injection vulnerability.
This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
http://www.example.com/base/base_qry_main.php?new=1&sig[0]=%3D&sig[1]=[SQL]&submit=Query+DB
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo