There is a critical vulnerability discovered on the Predictive Dialer Application by scanning Qualys.Express.
http://10.10.99.1/agc.new/astguiclient.php
http://10.10.99.1/
Issue: Blind SQL injection. This give access to the back end database of the application.
Installation details:
Centos 6.5 64Bit
Astguiclient:
Version: 2.10-401a
Build: 630508-2256
Kindly also avail us the root cause of this and fix this issues.
Vulnerability: Blind SQL injection.
Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N
3 posts
• Page 1 of 1
Vulnerability: Blind SQL injection.
by nidhinca » Wed Nov 15, 2017 3:41 am
- nidhinca
- Posts: 6
- Joined: Mon Jul 29, 2013 6:42 am
Re: Vulnerability: Blind SQL injection.
by mflorell » Wed Nov 15, 2017 6:04 am
That version is years old and we have patched many security holes since then. I would suggest upgrading to the latest svn/trunk version if you want a secure system.
- mflorell
- Site Admin
- Posts: 18387
- Joined: Wed Jun 07, 2006 2:45 pm
- Location: Florida
Re: Vulnerability: Blind SQL injection.
by nidhinca » Tue Dec 19, 2017 8:21 am
Thanks for the reply. As we have done multiple customizations on the existing server, we will not be able to change the version.
- nidhinca
- Posts: 6
- Joined: Mon Jul 29, 2013 6:42 am
3 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 53 guests