Softbiz.showcats.sbcatid.SQL.Injection

description-logoDescription

This indicates an attacker attempted an SQL Injection attack against the Softbiz Resource Repository Script.
Softbiz Resource Repository Script contains a flaw that may allow an attacker to carry out SQL injection attacks. The flaw is in the "showcats.php" script not properly sanitizing user-supplied input to the "sbcat_id" variable. A successful exploit can allow an attacker to execute SQL queries against the database.

affected-products-logoAffected Products

Softbiz Resource Repository Script 1.1.

Impact logoImpact

Compromise of the Database.

recomended-action-logoRecommended Actions

Apply appropriate patch from the vendor or upgrade to non-vulnerable version if available.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)