Subscribe via feed.

Emby MediaServer 3.2.5 Boolean-based Blind SQL Injection

Posted by deepcore on May 2, 2017 – 8:45 am

Emby MediaServer version 3.2.5 suffers from a blind SQL injection vulnerability. Input passed via the GET parameter ‘MediaTypes’ is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.


« »