IPS Community Suite - Unauthenticated SQL Injection
IPS Community Suite is vulnerable to unauthenticated SQL injection via the filter[] parameter in the /index.php?/store/ endpoint, allowing attackers to extract sensitive information from the database.
References:
Remediation:
Update to the latest version of IPS Community Suite.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
24 days 11 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox