SQL injection Prevention - GET : Evasion attempt with CAST and EXEC statements
Description
Default configuration

Profiles      High    Medium   Low     Internet
Action        Block   Block    Block   Block
Alarm Level   Minor   Minor    Minor   Minor
References
URL: http://www.exploit-db.com/exploits/20035/
Available since
ASQ v5.0.0
Protects
Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Dolibarr Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla Core SQL Injection Vulnerability Fixed by 3.7.1
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla "DT Register" Plugin SQL Injection Vulnerability
WordPress Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Modules Multiple Vulnerabilities
WordPress Third-Party Modules Multiple Vulnerabilities
Cisco Identity Services Engine SQL Injection Vulnerability
WordPress Third Party Modules Multiple Vulnerabilities
AlienVault Unified Security Management Multiple Vulnerabilities Fixed by 5.3.2
Joomla Third-Party Plugins Multiple Vulnerabilities
SAP Adaptive Server Enterprise (ASE) Multiple Vulnerabilities Fixed by September 2016 Patch Day
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Zabbix Latest Data SQL Injection Vulnerability
Joomla "Event Registration Pro" SQL Injection Vulnerability
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Red Hat JBoss BPM Suite Dashbuilder SQL Injection Vulnerability
Joomla Third-Party Plugins Multiple Vulnerabilities
Drupal 'menupereid' SQL injection Vulnerability
Riverbed SteelCentral NetProfiler Multiple Vulnerabilities Fixed by 10.9.0
Cisco Prime Collaboration Deployment SQL Injection Vulnerability
Joomla Third-Party Plugins Multiple Vulnerabilities
Nagios XI Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
phpMyAdmin Multiple Vulnerabilities Fixed by 4.6.2 and 4.4.15.6
GLPI "ajax/getDropdownConnect.php" SQL Injection Vulnerability Fixed by 0.90.3
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Joomla Third-Party Modules Multiple Vulnerabilities
Cacti "tree.php" SQL Injection Vulnerability
Cacti "graph_template" Parameter "graphs_new.php" SQL Injection Vulnerability
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
BlackBerry Enterprise Server Management Console Multiple Vulnerabilities Fixed by 12.4
Joomla Third-Party Modules Multiple SQL Injection Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Joomla Third-Party Modules Multiple Vulnerabilities
TestLink SQL Injection Vulnerability Fixed by 1.9.15
Atlassian Confluence Multiple Vulnerabilities Fixed by 5.8.17
Joomla Third-Party Modules Multiple Vulnerabilities
Cacti Multiple SQL Injection Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Joomla Third-Party Modules Multiple Vulnerabilities
AVG AntiVirus Cross-Site Scripting Vulnerability
FTGate Multiple Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
TestLink Multiple Vulnerabilities Fixed by 1.9.14
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Splunk Enterprise Splunk Web Cross-Site Scripting Fixed by 6.2.6
Apache mod_negotiation Cross-Site Scripting and HTTP Response Splitting Vulnerabilities
IBM Domino Web Server Multiple Vulnerabilities
MediaWiki Multiple Vulnerabilities Fixed by 1.25.2, 1.24.3 and 1.23.10
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
IPython JSON Error Responses Multiple XSS Vulnerability Fixed by 3.2
Wordpress Multiple Themes Vulnerabilities
IBM WebSphere Application Server Feature Pack for Web Dojo Toolkit Cross-Site Scripting Vulnerabilities
IBM WebSphere Application Server Multiple Vulnerabilities
IBM Forms Server Dojo Toolkit Cross-Site Scripting Vulnerabilities
phpBugTracker Multiple Vulnerabilities
BSS BS-Client Multiple Vulnerabilities
WordPress mTouch Quiz Plugin "quiz" Cross-Site Scripting and SQL Injection Vulnerabilities
Ganesha Digital Library Cross-Site Scripting and SQL Injection Vulnerabilities
POSH Weakness and Two Vulnerabilities
WordPress DZS Video Gallery Plugin "source" Cross-Site Scripting Vulnerability
VideoWhisper Live Streaming "n" Cross-Site Scripting Vulnerability
VideoWhisper Video Conference Cross-Site Scripting and File Disclosure Vulnerabilities
Cells Blog CMS Cross-Site Scripting and SQL Injection Vulnerabilities
WordPress Infocus Theme prettyPhoto Cross-Site Scripting Vulnerability
easyXDM name.html Cross-Site Scripting Vulnerability
FlatNuke Cross-Site Scripting Vulnerability
Web Video Streamer Command Injection and Cross-Site Scripting Vulnerabilities
WordPress SEO Link Rotator Plugin "title" Cross-Site Scripting Vulnerability
WordPress Photocrati Theme "prod_id" Cross-Site Scripting Vulnerability
ITechClassifieds Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
Collabtive Script Insertion and SQL Injection Vulnerabilities
ManageEngine EventLog Analyzer "j_username" Cross-Site Scripting Vulnerability
StivaSoft Car Rental Script Cross-Site Scripting and Request Forgery Vulnerabilities
Joomla! Melody Component swfupload Cross-Site Scripting Vulnerability
Joomla! AceSearch Component "query" Cross-Site Scripting Vulnerability
WordPress April's Super Functions Pack Plugin "page" Cross-Site Scripting Vulnerability
ZendTo "emailAddr" Script Insertion Vulnerability
WordPress Recommend to a friend Plugin "current_url" Cross-Site Scripting Vulnerability
LiveZilla Cross-Site Scripting and Script Insertion Vulnerabilities
WordPress JS Hotel Plugin Full Path Disclosure Weakness and Cross-Site Scripting Vulnerabilities
Helpdesk Pilot Ticket Script Insertion Vulnerability
The Bug Genie Script Insertion and Cross-Site Scripting Vulnerabilities
Ganglia Web "host_regex" Cross-Site Scripting Vulnerability
Claroline Multiple Cross-Site Scripting Vulnerabilities
QuiXplorer Multiple Cross-Site Scripting Vulnerabilities
prettyPhoto Cross-Site Scripting Vulnerability
Elastix Multiple Cross-Site Scripting Vulnerabilities
REDAXO Cross-Site Scripting and Request Forgery Vulnerabilities
Practico CMS Cross-Site Scripting and Request Forgery Vulnerabilities
Project'Or RIA Cross-Site Scripting and SQL Injection Vulnerabilities
Arbor Peakflow X Security Bypass and Cross-Site Scripting Vulnerabilities
WordPress MobileChief Plugin jQuery Validation Plugin Cross-Site Scripting Vulnerability
WordPress Spreadsheet Plugin Cross-Site Scripting Vulnerability
Bilboplanet Cross-Site Scripting and SQL Injection Vulnerabilities
osCommerce "products_id" Script Insertion Vulnerability
CMS Formulasi Multiple Vulnerabilities
Aanval SAS Cross-Site Scripting and SQL Injection Vulnerabilities
Posnic Stock Management System Cross-Site Scripting and SQL Injection Vulnerabilities
WordPress MORE+ Theme prettyPhoto Cross-Site Scripting Vulnerability
ShopDirector "c1" Cross-Site Scripting Vulnerability
X2CRM "model" Cross-Site Scripting Vulnerability
WikkaWiki "wakka" Cross-Site Scripting Vulnerability
Microsoft SharePoint Multiple Vulnerabilities
WordPress Design Approval System Plugin "step" Cross-Site Scripting Vulnerability
Rnet eShop "n" Cross-Site Scripting Vulnerability
WordPress silverOrchid Theme "s" Cross-Site Scripting Vulnerability
Twilight CMS Cross-Site Scripting and Arbitrary File Disclosure Vulnerabilities
WordPress ThinkIT WP Contact Form Plugin Cross-Site Scripting and Request Forgery Vulnerabilities
WordPress BackWPup Plugin "tab" Cross-Site Scripting Vulnerability
Quack Chat Cross-Site Scripting and Script Insertion Vulnerabilities
Atlassian JIRA "name" Cross-Site Scripting Vulnerability
Joomla! "lang" Cross-Site Scripting Vulnerability
D-Link DIR-645 Cross-Site Scripting and Buffer Overflow Vulnerabilities
WordPress Comment Extra Fields Plugin swfupload Two Cross-Site Scripting Vulnerabilities
Jahia xCM Multiple Cross-Site Scripting Vulnerabilities
WordPress Better WP Security Plugin 404 Error Log Script Insertion Vulnerability
OSSIM Two Cross-Site Scripting Vulnerabilities
OSSIM Cross-Site Scripting and SQL Injection Vulnerabilities
2daybiz Multi Level Marketing Software Cross-Site Scripting and SQL Injection Vulnerabilities
Saurus CMS Multiple Vulnerabilities
Collabtive Multiple Vulnerabilities
McAfee ePolicy Orchestrator Multiple Cross-Site Scripting Vulnerabilities
Alkacon OpenCms Multiple Cross-Site Scripting Vulnerabilities
OpenX Two Cross-Site Scripting Vulnerabilities
WordPress Category Grid View Gallery Plugin "ID" Cross-Site Scripting Vulnerability
Xorbin Multiple Products "widgetUrl" Cross-Site Scripting Vulnerability
Motion Cross-Site Scripting and Request Forgery Vulnerabilities
Xaraya Two Cross-Site Scripting Vulnerabilities
Linksys E1200 Router "submit_button" Cross-Site Scripting Vulnerability
Caucho Resin URL Cross-Site Scripting Vulnerability
Telaen Open Redirection Weakness and "f_email" Cross-Site Scripting Vulnerability
WordPress ADIF Log Search Widget Plugin "call" Cross-Site Scripting Vulnerability
WordPress GRAND FlAGallery Plugin "s" Cross-Site Scripting Vulnerability
NetIQ Access Manager Identity Server "Ecom_User_ID" Cross-Site Scripting Vulnerabilities
Matterdaddy Market Cross-Site Scripting and SQL Injection Vulnerabilities
WordPress Spider Catalog Plugin Cross-Site Scripting and SQL Injection Vulnerabilities
WordPress Spider Event Calendar Plugin Security Bypass and Cross-Site Scripting Vulnerabilities
Ajax Availability Calendar Multiple Vulnerabilities
WordPress Newsletter Plugin "alert" Cross-Site Scripting Vulnerability
NetApp OnCommand System Manager "domain-name" and "value" Cross-Site Scripting Vulnerabilities
Brother MFC-9970CDW "id" Cross-Site Scripting Vulnerability
WordPress Securimage-WP Plugin URL Cross-Site Scripting Vulnerability
GetSimple CMS Multiple Vulnerabilities
Matrix42 Service Store Cross-Site Scripting Vulnerability
WordPress WP Symposium Plugin "u" Cross-Site Scripting Vulnerability
Hero Framework "error" Cross-Site Scripting Vulnerability
ZAPms "pid" SQL Injection Vulnerability
Microsoft Products HTML Sanitisation Component Cross-Site Scripting Vulnerability
Zimbra Collaboration Server "dictionary" Cross-Site Scripting Vulnerability
WordPress Traffic Analyzer Plugin Two Cross-Site Scripting Vulnerabilities
WordPress Feedweb Plugin "wp_post_id" Cross-Site Scripting Vulnerability
Atmail WebMail File Name Cross-Site Scripting Vulnerability
zClip ZeroClipboard "id" Cross-Site Scripting Vulnerability
WordPress WP Banners Lite Plugin "cid" Cross-Site Scripting Vulnerability
Jaow CMS "add_ons" Cross-Site Scripting Vulnerability
daloRADIUS "error" Two Cross-Site Scripting Vulnerabilities
daloRADIUS Multiple Vulnerabilities
Scripteen Fun Photo Script Two Cross-Site Scripting Vulnerabilities
Dolphin swfupload Two Cross-Site Scripting Vulnerabilities
Dotclear Multiple Vulnerabilities
InstantCMS swfupload Two Cross-Site Scripting Vulnerabilities
WordPress BP Code Snippets Plugin ZeroClipboard Cross-Site Scripting Vulnerability
WordPress Click to Copy Grab Box Plugin ZeroClipboard Two Cross-Site Scripting Vulnerabilities
WordPress SlideDeck 2 Lite Responsive Content Slider Plugin ZeroClipboard Two Cross-Site Scripting
WordPress WP Clone by WP Academy Plugin ZeroClipboard Cross-Site Scripting Vulnerability
WordPress PayPal Digital Goods Plugin ZeroClipboard Cross-Site Scripting Vulnerability
WordPress Tiny URL Plugin ZeroClipboard Cross-Site Scripting Vulnerability
WordPress Buckets Plugin ZeroClipboard Cross-Site Scripting Vulnerability
WordPress Cleeng Plug & Go Plugin ZeroClipboard Cross-Site Scripting Vulnerability
WordPress GeSHi Source Colorer Plugin ZeroClipboard Cross-Site Scripting Vulnerability
WordPress JC Coupon Plugin ZeroClipboard Cross-Site Scripting Vulnerability
WordPress MobileView Plugin ZeroClipboard Cross-Site Scripting Vulnerability
WordPress Zopim Live Chat Plugin ZeroClipboard Cross-Site Scripting Vulnerability
WordPress Snazzy Archives Plugin "tagcloud" Cross-Site Scripting Vulnerability
WordPress VKontakte API Plugin "tagcloud" Cross-Site Scripting Vulnerability
Your Own Classifieds Cross-Site Scripting Vulnerability
HP Intelligent Management Center Multiple Vulnerabilities
Batavi Arbitrary Parameter Name Cross-Site Scripting Vulnerability
TP-LINK TL-WA701ND Directory Traversal and Cross-Site Request Forgery Vulnerabilities
Nconf Path Disclosure Weakness and Cross-Site Scripting Vulnerability
WordPress Uploader Plugin Cross-Site Scripting and Arbitrary File Upload Vulnerabilities
PHP-Fusion Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
EasyWebScripts eBay Clone Script Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
glFusion Multiple Cross-Site Scripting Vulnerabilities
SonarSource Sonar Multiple Cross-Site Scripting Vulnerabilities
Squirrelcart "table" Cross-Site Scripting Vulnerability
MIMEsweeper for SMTP Error Message Cross-Site Scripting Vulnerability
OpenEMR Multiple Vulnerabilities
AbanteCart Multiple Cross-Site Scripting Vulnerabilities
Newscoop URL Cross-Site Scripting Vulnerability
WordPress Pinboard Theme "tab" Cross-Site Scripting Vulnerability
Ganglia Web Multiple Cross-Site Scripting Vulnerabilities
ezStats2 for Battlefield 3 Information Disclosure and Cross-Site Scripting Vulnerabilities
SiteGo Multiple Vulnerabilities
AdaptCMS Multiple Vulnerabilities
Cisco Unity Express Cross-Site Scripting and Request Forgery Vulnerabilities
Netgear SPH200D Cross-Site Scripting Vulnerability
WordPress WP e-Commerce Plugin "cart_messages[]" Cross-Site Scripting Vulnerability
Perforce Web Client (P4Web) Multiple Cross-Site Scripting Vulnerabilities
gpEasy CMS "section" Cross-Site Scripting Vulnerability
Classified Ultra "cname" Cross-Site Scripting and "c" SQL Injection Vulnerabilities
phpCAS Certificate Verification Security Issue
Quick.Cart admin.php URL Cross-Site Scripting Vulnerability
Quick.Cms admin.php URL Cross-Site Scripting Vulnerability
Microsoft System Center Operations Manager Cross-Site Scripting Vulnerabilities
Website Baker Concert Calendar Add-on Cross-Site Scripting and SQL Injection Vulnerabilities
cPanel Multiple Cross-Site Scripting Vulnerabilities
ManageEngine MSP Center Plus Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
Elastix Two Local File Inclusion Vulnerabilities
Greenstone Information Disclosure and Cross-Site Scripting Vulnerabilities
WordPress WooCommerce Predictive Search Plugin "rs" Cross-Site Scripting Vulnerability
dotProject "date" Cross-Site Scripting Vulnerability
Baby Gekko Multiple Cross-Site Scripting Vulnerabilities
Myrephp Business Directory "look" Cross-Site Scripting Vulnerability
The FAQ Manager Two SQL Injection Vulnerabilities
Intramaps Multiple Vulnerabilities
ZPanel Cross-Site Request Forgery and SQL Injection Vulnerabilities
bitweaver Multiple Cross-Site Scripting Vulnerabilities
VaM Shop Multiple Vulnerabilities
Joomla! Freestyle Support Component "prodid" SQL Injection Vulnerability
Subrion CMS Cross-Site Scripting and SQL Injection vulnerabilities
AContent Security Bypass and SQL Injection Vulnerabilities
AContent Cross-Site Scripting and SQL Injection Vulnerabilities
vBSEO "u" Cross-Site Scripting Vulnerability
OpenX Cross-Site Scripting and SQL Injection Vulnerabilities
Microsoft SQL Server Cross-Site Scripting Vulnerability
Icy Phoenix Two Cross-Site Scripting Vulnerabilities
Zenphoto Multiple Vulnerabilities
WordPress Spider Calendar Plugin Cross-Site Scripting and SQL Injection Vulnerabilities
WordPress ABC Test Plugin "id" Cross-Site Scripting Vulnerability
Wordpress Token Manager Plugin "tid" Cross-Site Scripting Vulnerabilities
Fortinet FortiOS (FortiGate) Two Cross-Site Scripting Vulnerabilities
TorrentTrader Cross-Site Scripting and SQL Injection Vulnerabilities
WordPress MF Gig Calendar Plugin URL Cross-Site Scripting Vulnerability
webERP Multiple Vulnerabilities
LuxCal Web Calendar Multiple Vulnerabilities
TCExam Cross-Site Scripting and SQL Injection Vulnerabilities
ViciDial Asterisk GUI Client Two Cross-Site Scripting Vulnerabilities
Openfiler Multiple Vulnerabilities
Kayako Fusion URL PHPExcel Cross-Site Scripting Vulnerability
phpFox "message" Cross-Site Scripting Vulnerability
TomatoCart "processForm()" Cross-Site Scripting Vulnerability
Phorum Multiple Cross-Site Scripting Vulnerabilities
Chamilo Multiple Vulnerabilities
OrderSys Two Cross-Site Scripting Vulnerabilities
SaltOS URL PHPExcel Cross-Site Scripting Vulnerability
ManageEngine OpStor SQL Injection and Cross-Site Scripting Vulnerabilities
Flynax General Classifieds Multiple Cross-Site Scripting Vulnerabilities
phplist "unconfirmed" Cross-Site Scripting Vulnerability
LISTSERV "SHOWTPL" Cross-Site Scripting Vulnerability
Baby Gekko URL Cross-Site Scripting Vulnerability
InterPhoto Gallery Cross-Site Scripting and Local File Inclusion Vulnerabilities
ntop "arbfile" Cross-Site Scripting Vulnerability
Mahara Script Insertion and Cross-Site Scripting Vulnerabilities
Last 100 CVEs
CVE-2018-7717
CVE-2018-17397
CVE-2018-17394
CVE-2018-17385
CVE-2018-17384
CVE-2018-17383
CVE-2018-17382
CVE-2018-17380
CVE-2018-17379
CVE-2018-17378
CVE-2018-17377
CVE-2018-17376
CVE-2018-17375
CVE-2017-9337
CVE-2017-9336
CVE-2017-8917
CVE-2017-6098
CVE-2017-6097
CVE-2017-6096
CVE-2017-6095
CVE-2017-2550
CVE-2017-2168
CVE-2017-18345
CVE-2017-17900
CVE-2017-17899
CVE-2017-17898
CVE-2017-17897
CVE-2017-15966
CVE-2017-15965
CVE-2017-1002022
CVE-2017-1002021
CVE-2017-1002020
CVE-2017-1002019
CVE-2017-1002018
CVE-2017-1002017
CVE-2016-8583
CVE-2016-8582
CVE-2016-8581
CVE-2016-8580
CVE-2016-6453
CVE-2016-5099
CVE-2016-5098
CVE-2016-5097
CVE-2016-4999
CVE-2016-3659
CVE-2016-3172
CVE-2016-1915
CVE-2016-1914
CVE-2016-1437
CVE-2016-10134
CVE-2016-1000271
CVE-2016-1000124
CVE-2016-0770
CVE-2016-0769
CVE-2016-0765
CVE-2015-8399
CVE-2015-8398
CVE-2015-8377
CVE-2015-8369
CVE-2015-7670
CVE-2015-7669
CVE-2015-7668
CVE-2015-7667
CVE-2015-7666
CVE-2015-7604
CVE-2015-7527
CVE-2015-7517
CVE-2015-7391
CVE-2015-7390
CVE-2015-7357
CVE-2015-7320
CVE-2015-7319
CVE-2015-6737
CVE-2015-6736
CVE-2015-6735
CVE-2015-6734
CVE-2015-6733
CVE-2015-6732
CVE-2015-6731
CVE-2015-6730
CVE-2015-6729
CVE-2015-6728
CVE-2015-6727
CVE-2015-6238
CVE-2015-5227
CVE-2015-4707
CVE-2015-4706
CVE-2015-2808
CVE-2015-2148
CVE-2015-2147
CVE-2015-2146
CVE-2015-2145
CVE-2015-2144
CVE-2015-2143
CVE-2015-2142
CVE-2015-2015
CVE-2015-2014
CVE-2015-1920
CVE-2015-1916
CVE-2015-0488
Risk level
Moderate