CVE-2006-3348

2006-07-03T19:05:00
ID CVE-2006-3348
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:32:00

Description

Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 Beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in report.php and (2) level parameter in custom_buttons.php.