CVE-2014-8728

2014-12-02T11:59:00
ID CVE-2014-8728
Type cve
Reporter NVD
Modified 2014-12-05T10:50:42

Description

SQL injection vulnerability in the login page (login/login) in Subex ROC Fraud Management (aka Fraud Management System and FMS) 7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ranger_user[name] parameter.