Softbiz.showcats.sbcatid.SQL.Injection
Description
This indicates an attacker attempted an SQL Injection attack against the Softbiz Resource Repository Script.
Softbiz Resource Repository Script contains a flaw that may allow an attacker to carry out SQL injection attacks. The flaw is in the "showcats.php" script not properly sanitizing user-supplied input to the "sbcat_id" variable. A successful exploit can allow an attacker to execute SQL queries against the database.
Affected Products
Softbiz Resource Repository Script 1.1.
Impact
Compromise of the Database.
Recommended Actions
Apply appropriate patch from the vendor or upgrade to non-vulnerable version if available.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |