Issues » Blind SQL injection

Issue: SI-39
Date: Jan 17, 2017, 6:30:00 AM
Severity: Critical
Requires Admin Access: No
Fix Version: 3.6.2
Credit: Ben Nott based on earlier findings of Elar Lang
Description:

SQL injection via Categories Servlet - does not require authentication.  The only concrete exploit we have at this time is against mySQL 5.5.   Since this string does get passed to the DB for evaluation, it is possible that an exploit of this vulnerability may be possible on other database engines.  We recommend everyone upgrade or take the necessary precautions.

Mitigation:

Restrict URL pattern /categoriesServlet to your administrator's IP range.

Highly Rated and Recommended

We're rated Excellent 4.2/5 stars on G2 - with 95+ verified reviews