SQL Injection Vulnerability in PG All Share Video 1.0 via PATH_INFO Parameter

SQL Injection Vulnerability in PG All Share Video 1.0 via PATH_INFO Parameter

CVE-2017-15969 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.