Intrusion Prevention



It indicates a attacker attempted an SQL Injection attack against ilyavs Survey System. Survey System contains a flaw that may allow an attacker to carry out SQL injection attacks. The flaw is in the "survey.php" script because it does not properly
validate the "SURVEY_ID" parameter. A successful exploit can allow an attacker to execute SQL queries against the database.

Affected Products

Survey System Versions 1.1


Disclosure or Modification of sensitive data

Recommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.

CVE References