Xplode 'module_wrapper.asp' SQL Injection And Cross Site Scripting Vulnerabilities Network Vulnerability

Summary

Xplode is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

References

http://www.securityfocus.com/bid/34419

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Arkeia Appliance Path Traversal Vulnerability
ActualAnalyzer Lite 'ant' Cookie Parameter Remote Command Execution Vulnerability
AlefMentor Multiple SQL Injection Vulnerabilities
Atlassian JIRA FishEye and Crucible Plugins XML Parsing Unspecified Security Vulnerability
admin.cgi overflow

Xplode 'module_wrapper.asp' SQL Injection and Cross Site Scripting Vulnerabilities

Take action and discover your vulnerabilities