Описание
SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote attackers to execute arbitrary SQL commands via the (1) Users_Email or (2) Users_Password parameter in an ExecuteTheLogin action.
SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote attackers to execute arbitrary SQL commands via the (1) Users_Email or (2) Users_Password parameter in an ExecuteTheLogin action.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-4208
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35787
- http://osvdb.org/36280
- http://outlaw.aria-security.info/?p=14
- http://secunia.com/advisories/26338
- http://securityreason.com/securityalert/2976
- http://www.securityfocus.com/archive/1/475449/100/0/threaded
- http://www.securityfocus.com/bid/25195
- http://www.vupen.com/english/advisories/2007/2797
EPSS
Процентиль: 81%
0.01537
Низкий
CVE ID
Связанные уязвимости
nvd
больше 18 лет назад
SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote attackers to execute arbitrary SQL commands via the (1) Users_Email or (2) Users_Password parameter in an ExecuteTheLogin action.
EPSS
Процентиль: 81%
0.01537
Низкий