10 Sep 2018
CVE-2016-9048 - CVE Vulnerability
Multiple exploitable SQL Injection vulnerabilities exists in ProcessMaker Enterprise Core 3.0.1.7-community. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and in certain setups access the underlying operating system. (CVSS:0.0) (Last Update:2018-09-10)
Vulnerability Details : Multiple exploitable SQL Injection vulnerabilities exists in ProcessMaker Enterprise Core 3.0.1.7-community. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and in certain setups access the underlying operating system. Publish Date : 2018-09-10 Last Update Date : 2018-09-10 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-9048
- References For CVE-2016-9048
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-9048There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |