PHP.Labs.Top.Auction.search.php.SQL.Injection
Description
This indicates a possible attempt to exploit a SQL injection vulnerability in Top Auction. The issue is due to the search.php script not properly sanitizing user-supplied input to the "searchterm" variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
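The following added example (not part of the original entry and not the vendor's signature logic) shows one way to review web server access logs for suspicious "searchterm" values sent to search.php. It assumes the parameter arrives in the query string of a combined-format access log; the log lines, rule names and function names are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed access-log lines (combined log format); addresses and values are made up.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /search.php?searchterm=antique+clock HTTP/1.1" 200 5120
192.0.2.44 - - [01/Jan/2024:10:00:07 +0000] "GET /search.php?searchterm=x%27+UNION+SELECT+1%2C2--+ HTTP/1.1" 200 812
192.0.2.44 - - [01/Jan/2024:10:00:09 +0000] "GET /search.php?searchterm=x%2527%2520OR%25201%253D1 HTTP/1.1" 500 0
192.0.2.10 - - [01/Jan/2024:10:00:12 +0000] "GET /item.php?id=7 HTTP/1.1" 200 2048
192.0.2.23 - - [01/Jan/2024:10:00:15 +0000] "GET /search.php?searchterm=O%27Brien+union+jack HTTP/1.1" 200 4000
"""

LINE_RE = re.compile(r'^(\S+) .*?"(?:GET|HEAD) (\S+) HTTP/[\d.]+"')

# Heuristic indicators (hypothetical rule names); tune against your own traffic.
RULES = {
    "union_select": re.compile(r"\bunion\b.{0,40}\bselect\b", re.I),
    "quote_boolean": re.compile(r"['\"]\s*(or|and)\b\s*[\w'\"]+\s*(=|like)", re.I),
    "sql_comment": re.compile(r"--(\s|$)|/\*"),
    "stacked_query": re.compile(r";\s*(select|insert|update|delete|drop)\b", re.I),
}

def normalise(value, rounds=2):
    """Undo extra layers of percent-encoding left after the first decode."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def flag_requests(log_text):
    """Return (client_ip, decoded_searchterm, matched_rules) for suspicious requests."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, target = m.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/search.php"):
            continue
        for raw in parse_qs(url.query, keep_blank_values=True).get("searchterm", []):
            value = normalise(raw)
            hits = sorted(name for name, rx in RULES.items() if rx.search(value))
            if hits:
                findings.append((ip, value, hits))
    return findings

if __name__ == "__main__":
    print(*flag_requests(SAMPLE_LOG), sep="\n")
```

The rules are heuristics for triage only; a match is a reason to inspect the request and the application's patch level, not proof of compromise.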
Affected Products
Top Auction (www.phplabs.com).
Impact
Data compromise.
Recommended Actions
Apply appropriate patch from the vendor if available.
Coverage
IPS (Regular DB)
IPS (Extended DB)