Tekman.Portal.uye_id.Parameter.Handle.Remote.SQL.Injection

description-logoDescription

A SQL injection vulnerability in uye_profil.asp in Tekman Portal (TR) 1.0 allows remote attackers to execute arbitrary SQL commands via the uye_id parameter.

affected-products-logoAffected Products

Tekman Portal version 1.0 and prior.

Impact logoImpact

Execute arbitrary SQL commands.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-11-06 13.485