• Ektron CMS400.NET is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the ContentRatingGraph.aspx script using the res parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.

• Upgrade to the latest version Ektron CMS.

• • Ektron CMS400.NET ContentRatingGraph.aspx SQL injection
  • Ektron CMS400.NET 'ContentRatingGraph.aspx' SQL Injection Vulnerability

• 

• CVE-2008-5122

• CWE-89

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

• Known Vulnerabilities SQL Injection

• WordPress Plugin Zero Spam SQL Injection (2.1.2)
• WordPress Plugin WP eCommerce 'wpsc-transaction_results_functions.php' SQL Injection (3.8.7.5)
• WordPress Plugin AVH Extended Categories Widgets SQL Injection (4.0.0)
• WordPress Plugin HD Webplayer Multiple SQL Injection Vulnerabilities (1.1)
• WordPress Plugin DSubscribers SQL Injection (1.2)