SQL Injection Vulnerability in Victor CMS V1.0 - Exploiting the cat_id Parameter

SQL Injection Vulnerability in Victor CMS V1.0 - Exploiting the cat_id Parameter

CVE-2020-23945 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.