|
| Description: | | SQL injection is a vulnerability that allows an attacker to alter backend SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. |
|
| Impact: | | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. |
|
| Affected OS: | | Solaris, FreeBSD, Windows, Linux, Other Unix, Mac OS |
|
| Reference: | | OSVDB:97482
msf
Struts2 s2-041
|
|