virus logo Intrusion Prevention

AlstraSoft.EPay.Enterprise.Product.Parameter.SQL.Injection

description-logoDescription

This indicates an attack attempt to exploit a SQL Injection vulnerability in Alstrasoft EPay Enterprise.
The vulnerability is a result of the application's failure to properly sanitize user input in the product parameter before using it in a SQL query. As a result, a remote attacker can send a crafted query to execute SQL commands on a vulnerable server.

affected-products-logoAffected Products

AlstraSoft EPay Enterprise 4.0

Impact logoImpact

System Compromise: Remote attackers can add, view, delete or modify data in the database of the affected application.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 30947
Created Feb 15, 2012
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, MacOS
Affected App Other