PHPWebSite.Topics.PHP.SQL.Injection
Description
SQL injection vulnerability in topics.php, in Appalachian State University phpWebSite 0.10.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the topic parameter.
Affected Products
phpWebsite phpWebsite 0.10.2
phpWebsite phpWebsite 0.10.1
+ Gentoo Linux
phpWebsite phpWebsite 0.10
phpWebsite phpWebsite 0.9.3 -4
phpWebsite phpWebsite 0.9.3 -3
phpWebsite phpWebsite 0.9.3 -2
phpWebsite phpWebsite 0.9.3 -1
phpWebsite phpWebsite 0.9.3
phpWebsite phpWebsite 0.8.3
phpWebsite phpWebsite 0.8.2
phpWebsite phpWebsite 0.7.3
Impact
Arbitrary SQL commands execution.
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |