Tokheim Profleet DiaLOG Fuel Management System SQL injection |

February 12, 2022

NAME

Tokheim Profleet DiaLOG Fuel Management System SQL injection

  • Platforms Affected:
    Tokheim Profleet DiaLOG Fuel Management System 11.005.02
  • Risk Level:
    9.8
  • Exploitability:
    Proof of Concept
  • Consequences:
    Data Manipulation

DESCRIPTION

Tokheim Profleet DiaLOG Fuel Management System is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the /login.php script using the username parameter, which could allow the attacker to execute arbitrary code, or view, add, modify or delete information in the back-end database.

CVSS 3.0 Information

  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Access Vector: Network
  • Access Complexity: Low
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
  • Remediation Level: Unavailable

MITIGATION

No remedy available as of February 11, 2022.

  • Reference Link:
    https://packetstormsecurity.com/files/165944
  • Reference Link:
    https://www.tsg-solutions.com

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

Digital Patreon Wordmark FieryCoralv2

You may have missed

CISA Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

November 15, 2024
CISA Logo

CISA: CISA Releases One Industrial Control Systems Advisory

November 15, 2024
CISA Logo

CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024

November 15, 2024
CISA Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

November 15, 2024
CISA Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

November 15, 2024