2 matches found
CVE-2006-2718
JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt file, as demonstrat...
CVE-2006-2718
CVE-2006-2718 describes a vulnerability in JIWA Financials 6.4.14 where a Microsoft SQL Server account username, password, and the data source name are passed to a Crystal Reports .rpt file. This enables remote authenticated users to invoke certain stored procedures by referencing them in a user-...