Xenon 'id' Parameter Multiple SQL Injection Vulnerabilities Network Vulnerability

Summary

Xenon is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

References

http://m3rcil3ss.blogspot.com/
http://packetstormsecurity.org/files/view/105805/xenon-sql.txt
http://www.securityfocus.com/bid/50141
http://xe.co.za/index.shtml

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability
AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities
Apple Safari RSS Feed Information Disclosure Vulnerability
Apache Solr XML External Entity(XXE) Vulnerability-02 Jan-14

Take action and discover your vulnerabilities