CVE-2008-6678

2009-04-08T10:30:00
ID CVE-2008-6678
Type cve
Reporter cve@mitre.org
Modified 2017-08-17T01:29:00

Description

SQL injection vulnerability in asp/includes/contact.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary SQL commands via the sNickName parameter in a profile action to default.asp.