Softbiz.reportlink.php.sbresid.SQL.Injection
Description
This indicates an attacker attempted an SQL Injection attack against the Softbiz Resource Repository Script.
"Softbiz Resource Repository Script contains a flaw that may allow an attacker to carry out SQL injection attacks. The flaw is in the "report_link.php" script not properly sanitizing user-supplied input to the "sbres_id" variable. A successful exploit can allow an attacker to execute SQL queries against the database.
Affected Products
Softbiz Resource Repository Script 1.1 .
Impact
Compromise of the Database.
Recommended Actions
Apply appropriate patch from the vendor or upgrade to non-vulnerable version if available.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |