PHP.mailarticle.php.ID.Parameter.SQL.Injection

description-logoDescription

It indicates a possible exploit of a SQL injection vulnerability in Clever Copy.
This flaw is due to an input validation error in the "mailarticle.php" script that does not properly validate the "ID" parameter before being used in SQL statements. It may be exploited by malicious people to conduct SQL injection attacks, to bypass the authentication procedures and gain unauthorized access to the application.

affected-products-logoAffected Products

Clever Copy version 3.0 and prior

Impact logoImpact

The execution of arbitrary SQL commands on the system.

recomended-action-logoRecommended Actions

Upgrade to the latest version of the vulnerable software.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)