Lucene search
Asheesh kumarEDB-ID:18122HistoryNov 16, 2011 - 12:00 a.m.
SonicWALL Aventail SSL-VPN - SQL Injection
2011-11-1600:00:00
Asheesh kumar
www.exploit-db.com
31
================================================================================
SonicWALL Aventail SSL-VPN SQL Injection Vulnerability
================================================================================
#Date- 17/11/11
# code by Asheesh kumar Mani Tripathi
# Credit by Asheesh Anaconda
#Vulnerbility
SonicWALL Aventail SSL-VPN is prone to an SQL-injection vulnerability because the application fails to properly
sanitize user-supplied input before using it in an SQL query.
#Impact
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database
========================================================================================================================
Request
========================================================================================================================
https://example.xxx.com/prodpage.cfm?CFID=&CFTOKEN=&CategoryID=[SQL]Related
openvas
openvas
SonicWALL Aventail 'CategoryID' Parameter SQL Injection Vulnerability
2011-11-21 00:00:00
SonicWALL Aventail SQLi Vulnerability - Active Check
2011-11-21 00:00:00
prion
prion
Sql injection
2013-02-12 20:55:00
cve
cve
CVE-2011-5262
2013-02-12 20:55:03
cvelist
cvelist
CVE-2011-5262
2013-02-12 20:00:00
nvd
nvd
CVE-2011-5262
2013-02-12 20:55:03