CVE-2005-3208
CVE-2005-3208 involves multiple SQL injection vulnerabilities in the products named aeNovo, aeNovoShop, and aeNovoWYSI. The flaws allow remote attackers to execute arbitrary SQL code via the password parameter in control.asp and the strSQL parameter in search.asp, with potential for XSS in result...