Cerebrate – Blind SQL injection
CIRCL – Computer Incident Response Center Luxembourg
Update to Cerebrate version 1.3 latest patch or higher
‘limit’ parameter of the ‘searchAll’ action of the ‘Instance’ controller is vulnerable to Blind SQL injection vulnerability. This vulnerability was detected with help of Cake Fuzzer: https://github.com/Zigrin-Security/CakeFuzzer
Ulaş Deniz İlhan
Do you think the security of your data might be lacking? Let's find the best approach together.
Once you contact us, we will ask you about the project you want to secure.