Intrusion Prevention

Okul.Web.Otomasyon.Sistemi.Etkinlikbak.ASP.SQL.Injection

Description

Okul Web Otomasyon Sistemi has a SQL-injection vulnerability. A remote attacker could execute arbitrary SQL commands in the back-end database via a specially-crafted HTTP request to the "etkinlikbak.asp" script, with injecting SQL statements in the "id" parameter.

Affected Products

Okul Web Otomasyon Sistemi Any version.

Impact

Data Manipulation.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.
http://okulsistem.com/

CVE References

CVE-2007-0305