Boonex Dolphin 'xml/get_list.php' SQL Injection Vulnerability Network Vulnerability

Summary

Boonex Dolphin is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. Boonex Dolphin 6.1 is vulnerable other versions may also be affected.

References

http://en.securitylab.ru/lab/PT-2011-14
http://www.boonex.com/dolphin/
http://www.securityfocus.com/archive/1/520146
http://www.securityfocus.com/bid/50286

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AIOCP 'cp_html2xhtmlbasic.php' Remote File Inclusion Vulnerability
A-Blog 'sources/search.php' SQL Injection Vulnerability
Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
Apache Solr XML External Entity(XXE) Vulnerability-02 Jan-14
Ajax File and Image Manager 'data.php' PHP Code Injection Vulnerability

Take action and discover your vulnerabilities