HomePentest-Tools.com Logo

Fanwei eMobile - OGNL Injection (CNVD-2017-03561)

Severity
Not available
CVSSv3 Score
Not available
CVE
Not available
Vulnerability description

Fanwei eMobile contains an object graph navigation library vulnerability. An attacker can inject arbitrary JavaScript, thus possibly obtaining sensitive information from a database, modifying data, and executing unauthorized administrative operations in the context of the affected site.\n

Risk description

No risk description to display.

Recommendation

We recommend you to upgrade the affected software to the latest version, which mitigates this vulnerability.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
May 8, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available