• info
• discussion
• exploit
• solution
• references

Scout Portal Tool Kit ForumTopics.PHP SQL Injection Vulnerability

Scout Portal Toolkit is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in SQL queries.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

Versions 1.4.0 and prior are reported vulnerable; other versions may also be affected.