Subscribe via feed.

Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection

Posted by deepcore on December 1, 2019 – 5:10 pm

NAPC Xinet (interface) Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginForm[username] field when double quotes are used.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.