{"id":8504,"date":"2025-07-21T05:36:57","date_gmt":"2025-07-21T05:36:57","guid":{"rendered":"http:\/\/localhost\/?p=8504"},"modified":"2025-07-21T05:36:57","modified_gmt":"2025-07-21T05:36:57","slug":"sql-injection-via-post-requests-allowing-configuration-database-manipulation","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=8504","title":{"rendered":"SQL Injection via POST Requests Allowing Configuration Database Manipulation"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nSQL Injection via POST Requests Allowing Configuration Database Manipulation<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-21T09:30:44.484Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-21T09:30:44.484Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nMB connect line<\/td>\n<\/tr>\n
Product<\/th>\nmbNET.mini<\/td>\n<\/tr>\n
Version<\/th>\n0.0.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n6.5 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:N\/I:H\/A:H<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA high-privileged remote attacker can exploit this SQL injection vulnerability to modify the configuration database by sending specially crafted POST requests. This is due to improper neutralization of special SQL elements. The vulnerability allows attackers to alter the database, potentially leading to system compromise.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
AI Vendor<\/th>\nMB connect line<\/td>\n<\/tr>\n
AI Product<\/th>\nmbNET.mini<\/td>\n<\/tr>\n
AI Version<\/th>\n0.0.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n