Computer & Web Vulnerabilities
MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Web Security Vulnerabilities
Exploit Title: MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Security Vulnerabilities
Product: Web-Design
Vendor: MT.VERNON MEDIA
Vulnerable Versions: v1.12
Tested Version: v1.12
Advisory Publication: May 08, 2015
Latest Update: May 08, 2015
Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) [CWE-89]
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)
Impact Subscore: 6.4
Exploitability Subscore: 10.0
Credit: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)
Proposition Details:
(1) Vendor & Product Description:
Vendor:
MT.VERNON MEDIA
Product & Vulnerable Versions:
Web-Design
v1.12
Vendor URL & Download:
MT.VERNON MEDIA can be obtained from here,
http://www.mtvernonmedia.com/services/WebDesign.html
Google Dork:
“developed by: Mt. Vernon Media"
Product Introduction Overview:
“In today’s economy every business is more focused on ROI (Return On Investment) than ever…
View original post 詳見內文:約433字