Multiple SQL Injection Vulnerabilities in Trape (before 2017-11-05)

Multiple SQL Injection Vulnerabilities in Trape (before 2017-11-05)

CVE-2017-17713 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, the /register lat parameter, the /register lon parameter, the /register org parameter, the /register query parameter, the /register region parameter, the /register regionName parameter, the /register timezone parameter, the /register vId parameter, the /register zip parameter, or the /tping id parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.