WebSpell Multiple Input Validation Vulnerabilities

WebSpell Multiple Input Validation Vulnerabilities

webSPELL is prone to two input-validation vulnerabilities: an SQL-injection issue and an unauthorized file-upload issue.

A successful SQL-injection attack could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. The unauthorized file-upload vulnerability may let a remote attacker upload and execute malicious PHP scripts.