RevSense SQL Injection And Cross Site Scripting Vulnerabilities Network Vulnerability

Summary

RevSense is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. RevSense 1.0 is vulnerable other versions may also be affected.

References

http://www.securityfocus.com/bid/32624

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6385

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

AdaptCMS 'init.php' Remote File Include Vulnerability
@Mail 'MailType' Parameter Cross Site Scripting Vulnerability
Apache Tiles Multiple XSS Vulnerability
Apache Struts Directory Traversal Vulnerability
appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability

RevSense SQL Injection and Cross Site Scripting Vulnerabilities

Take action and discover your vulnerabilities