Invicti detected the Database User Has Admin Privileges.
This issue has been confirmed by checking the connection privileges via an identified SQL injection vulnerability in the application.
- Gain full access to the database server.
- Gain a reverse shell to the database server and execute commands on the underlying operating system.
- Access the database with full permissions, where it may be possible to read, update or delete arbitrary data from the database.
- Depending on the platform and the database system user, an attacker might carry out a privilege escalation attack to gain administrator access to the target system.