[] NeoSense
E X P L O I T S
title author type platform port cve id

RJ-iTop Network Vulnerability Scanner System - Multiple SQL Injections

Author: wsn1983
type: webapps
platform: jsp
port: 
date_added: 2010-04-13 
date_updated:  
verified: 0 
codes: OSVDB-63928 
tags: 
aliases:  
screenshot_url:  
application_url: 
RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities



Vulnerable: v3.0.7.x

Vendor:  www.rj-itop.com<http://www.rj-itop.com>

Category: Input Validation Error

Impact:   SQL injection



Details:

=========

Multiple SQL Injection Vulnerabilities has been found in DRJ-iTop Network Vulnerability Scanner System&#65292; which can be exploited by malicious users to conduct SQL injection and script insertion attacks.

Authentication is required to exploit these vulnerabilities.



POC:

=========

https://8.8.8.8/roleManager.jsp?type=query&id= [SQL Injection]





Timeline:

========

2009.10.19   Report to vendor (but vender did not respond)

2009.11.15   Report to vendor second times

2009.11.19   Report to CNNVD

2010.04.13   Public
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.