• Ektron CMS400.NET is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the ContentRatingGraph.aspx script using the res parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.

• Upgrade to the latest version Ektron CMS.

• • Ektron CMS400.NET ContentRatingGraph.aspx SQL injection
  • Ektron CMS400.NET 'ContentRatingGraph.aspx' SQL Injection Vulnerability

• 

• CVE-2008-5122

• CWE-89

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

• Known Vulnerabilities SQL Injection

• WordPress Plugin Mingle Forum Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.32.1)
• WordPress Plugin iThemes Security (formerly Better WP Security) SQL Injection (7.0.2)
• WordPress Plugin WP Photo Album 'photo' Parameter SQL Injection (1.0)
• WordPress Plugin WP-RecentComments SQL Injection (2.0.7)
• WordPress Plugin WP Symposium 'get_profile_avatar.php' SQL Injection (0.64)