CVE-2004-2324
DotNetNuke (formerly IBuySpy Workshop) 1.0.6–1.0.10d is affected by an SQL injection vulnerability in LinkClick.aspx, exploitable via the (1) table and (2) field parameters to modify the backend database. The vulnerability allows remote attackers to alter database contents. Documents do not provi...