CVE-2005-1506

CJ Ultra (CJUltra) Plus versions 1.0.3 and 1.0.4 are affected by a SQL injection in out.php that allows remote attackers to modify/ retrieve data via the perm parameter. The root cause is improper handling of user-supplied input in the SQL query constructed in out.php. The available sources do no...

CVE-2005-1506

SQL injection vulnerability in out.php in CJ Ultra CJUltra Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter...