CVE-2016-6566

🗓️ 13 Jul 2018 20:01:29Reported by [email protected]Type

The valueAsString parameter in JSON payload of ucLogin_txtLoginId_ClientStat POST parameter in Sungard eTRAKiT3 v3.2.1.17 is not validated, allowing SQL injection

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
exploitpack	Sungard eTRAKiT3 3.2.1.17 - SQL Injection	2 Jun 201700:00	–	exploitpack
Exploit DB	Sungard eTRAKiT3 <= 3.2.1.17 - SQL Injection	2 Jun 201700:00	–	exploitdb
Cvelist	CVE-2016-6566 The Sungard eTRAKiT3 software version 3.2.1.17 may be vulnerable to SQL injection which may allow a remote unauthenticated attacker to run a subset of SQL commands against the back-end database	13 Jul 201820:00	–	cvelist
Prion	Design/Logic Flaw	13 Jul 201820:29	–	prion
CVE	CVE-2016-6566	13 Jul 201820:29	–	cve
CERT	Sungard eTRAKiT3 may be vulnerable to SQL injection	6 Dec 201600:00	–	cert

Nvd

Node

sungardas etrakit3Match3.2.1.17

Source	Link
securityfocus	www.securityfocus.com/bid/94696
kb	www.kb.cert.org/vuls/id/846103

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Jul 2018 20:29Current

9.6High risk

Vulners AI Score9.6

CVSS27.5

CVSS39.8

EPSS0.15957

CWE-89