|
Description: | | SQL injection is a vulnerability that allows an attacker to alter backend SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. |
|
Impact: | | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. |
|
Affected OS: | | Solaris, FreeBSD, Windows, Linux, Other Unix, Mac OS |
|
Reference: | | OSVDB:97482 msf Struts2 s2-041
|
|