CVE-2020-7356

CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinderseqid' in wayfindermeetinginput.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injectin...

Sql injection

CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinderseqid' in wayfindermeetinginput.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injectin...

CVE-2020-7356 Cayin xPost SQL Injection

CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinderseqid' in wayfindermeetinginput.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injectin...

Cayin xPost 2.5 SQL Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cayin xPost wayfinderseqid SQLi to RCE', 'Description' = %q This module exploits an unauthenticated SQLi in Cayin xPost MSFLICENSE, 'Author' =...

Cayin xPost wayfinder_seqid SQLi to RCE

This module exploits an unauthenticated SQLi in Cayin xPost 'Cayin xPost wayfinderseqid SQLi to RCE', 'Description' = %q This module exploits an unauthenticated SQLi in Cayin xPost MSFLICENSE, 'Author' = 'h00die', msf module 'Gjoko Krstic LiquidWorm...

CVE-2020-7356

CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter ‘wayfinderseqid’ in wayfindermeetinginput.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injectin...