Submeter #222291: SQL injection in NS-ASG application security gateway.informação

TítuloSQL injection in NS-ASG application security gateway.
DescriçãoSQL injection vulnerability in the Netcom NS-ASG application security gateway. Vulnerability points:/protocol/firewall/uploadfirewall.php The $FireWallId database value is accepted by messagecontent and then substituted into the database statement, the lack of validation results in sql execution.
Fonte⚠️ https://github.com/gb111d/ns-asg_poc/
Utilizador
 bows7ring (UID 56631)
Submissão18/10/2023 08h38 (há 3 anos)
Moderação26/10/2023 07h33 (8 days later)
EstadoAceite
Entrada VulDB243590 [Netentsec NS-ASG Application Security Gateway 6.3 uploadfirewall.php messagecontent Injeção SQL]
Pontos18

Interested in the pricing of exploits?

See the underground prices here!