virus logo Intrusion Prevention

Softbiz.referfriend.sbresid.SQL.Injection

description-logoDescription

This indicates a possible attempt of an SQL Injection attack against the Softbiz Resource Repository Script.
Softbiz Resource Repository Script contains a programming flaw that may allow an attacker to carry out an SQL injection attack. The problem is in the refer_friend.php script. It does not properly sanitize user-supplied input to the sbres_id variable. A succesful exploit can allow an attacker to execute SQL queries into the database.

affected-products-logoAffected Products

Softbiz Resource Repository Script 1.1.

Impact logoImpact

Compromise of the Database.

recomended-action-logoRecommended Actions

Apply appropriate patch from the vendor or upgrade to non-vulnerable version if available.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-02 16.972
ID 11440
Created Nov 30, 2005
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS All
Affected App Other