إرسال #222291: SQL injection in NS-ASG application security gateway.المعلومات

عنوانSQL injection in NS-ASG application security gateway.
الوصفSQL injection vulnerability in the Netcom NS-ASG application security gateway. Vulnerability points:/protocol/firewall/uploadfirewall.php The $FireWallId database value is accepted by messagecontent and then substituted into the database statement, the lack of validation results in sql execution.
المصدر⚠️ https://github.com/gb111d/ns-asg_poc/
المستخدم
 bows7ring (UID 56631)
ارسال18/10/2023 08:38 AM (3 سنوات منذ)
الاعتدال26/10/2023 07:33 AM (8 days later)
الحالةتمت الموافقة
إدخال VulDB243590 [Netentsec NS-ASG Application Security Gateway 6.3 uploadfirewall.php messagecontent حقن SQL]
النقاط18

Interested in the pricing of exploits?

See the underground prices here!