Forum.Livre.infouser.asp.SQL.Injection
Description
Forum Livre has a SQL-injection vulnerability. A remote attacker could execute arbitrary SQL commands in the back-end database via a specially-crafted HTTP request to the "info-user.asp" script, with injected SQL statements in the "user" parameter.
Affected Products
Forum Livre version 1.0
Impact
Data Manipulation.
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |