Description
The web application uses Cockpit CMS. This version of Cockpit CMS has several NoSQL injection vulnerabilities. Successful attacks of these vulnerabilities can result in takeover of the server.
Remediation
Upgrade to the latest version of Cockpit
References
Related Vulnerabilities
WordPress Plugin WP-Filebase Download Manager 'base' Parameter SQL Injection (0.2.9)
WordPress Plugin Menu Creator 'updateSortOrder.php' SQL Injection (1.1.7)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.3.29)
WordPress Plugin Car Rental System SQL Injection (3.0)
WordPress Plugin IP Logger 'map-details.php' SQL Injection (3.0)