SQL Injection Vulnerability in DonLinkage 6.6.8 Allows Unauthorized Database Access

SQL Injection Vulnerability in DonLinkage 6.6.8 Allows Unauthorized Database Access

CVE-2018-17092 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:N

An issue was discovered in DonLinkage 6.6.8. SQL injection in /pages/proxy/php.php and /pages/proxy/add.php can be exploited via specially crafted input, allowing an attacker to obtain information from a database. The vulnerability can only be triggered by an authorized user.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.