Description
The web application uses Cockpit CMS. This version of Cockpit CMS has several NoSQL injection vulnerabilities. Successful attacks of these vulnerabilities can result in takeover of the server.
Remediation
Upgrade to the latest version of Cockpit
References
Related Vulnerabilities
WordPress Plugin WP Activity Log SQL Injection (4.1.4)
Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.8)
WordPress 3.1.3 Multiple SQL Injection Vulnerabilities (3.1 - 3.1.3)
WordPress Plugin Advanced Contact form 7 DB SQL Injection (1.6.1)
WordPress Plugin Wow Forms-create any form with custom style SQL Injection (2.1)