Sql injection

2008-06-2512:36:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.5%

JSON

Multiple SQL injection vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to ansFAQ.asp and the (2) template_id parameter to preview.asp.

CPENameOperatorVersion
site_composerle2.6

CPE	Name	Operator	Version
	site_composer	le	2.6

References

osvdb.org/46461

secunia.com/advisories/30762

securityreason.com/securityalert/3957

www.bugreport.ir/?/45

www.securityfocus.com/archive/1/493473/100/0/threaded

www.securityfocus.com/bid/29812

exchange.xforce.ibmcloud.com/vulnerabilities/43190

www.exploit-db.com/exploits/5859