2 matches found
Sql injection
SQL injection vulnerability in mcllogin.asp in Timecan CMS allows remote attackers to execute arbitrary SQL commands via the email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Due to the unavailability of the origina...
CVE-2006-0107
CVE-2006-0107 describes a SQL injection in Timecan CMS exploitable via the viewID parameter, enabling remote SQL execution. Related entry CVE-2006-0108 notes a similar injection in Timecan CMS, via the email parameter in mcl_login.asp. Both entries originate from third-party information with uncl...