Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Osclass Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2012-5162 - Vulnerability Database
Osclass

Osclass Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2012-5162

Medium
Reference: CVE-2012-5162
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-5162
Title: Osclass Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) edit_category_post or (2) enable_category action to index.php.