icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Full Revolution album.asp aspWebAlbum SQL Injection

High

Synopsis

The remote web server contains a script that is vulnerable to a SQL injection attack.

Description

The remote host is running Full Revolution aspWebAlbum, a web photo album application implemented in ASP. It is reported that this version of the software is prone to multiple SQL injection vulnerabilities. An attacker may access the underlying database in order to access sensitive information or to corrupt data.

Solution

No solution is known at this time.