PHP.mailarticle.php.ID.Parameter.SQL.Injection
Description
It indicates a possible exploit of a SQL injection vulnerability in Clever Copy.
This flaw is due to an input validation error in the "mailarticle.php" script that does not properly validate the "ID" parameter before being used in SQL statements. It may be exploited by malicious people to conduct SQL injection attacks, to bypass the authentication procedures and gain unauthorized access to the application.
Affected Products
Clever Copy version 3.0 and prior
Impact
The execution of arbitrary SQL commands on the system.
Recommended Actions
Upgrade to the latest version of the vulnerable software.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |