Intrusion Prevention

Quadcomm.QShop.SQL.Injection

Description

This indicates a possible attempt to exploit a SQL injection vulnerability in Quadcomm Q-Shop.
Quadcomm Q-Shop contains a SQL injection vulnerability because it fails to properly sanitize user supplied input before using it in a SQL query. Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

Affected Products

Quadcomm Q-Shop version 3.5 is vulnerable.

Impact

System compromise.

Recommended Actions

Apply changes to the source code as described by the vendor.
http://quadcomm.com/qshop/sec_v350x_browseinj.asp