2 matches found
CVE-2006-6524
SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the Uname UserName parameter...
CVE-2006-6524
CVE-2006-6524 is a SQL injection vulnerability in EzHRS HR Assist prior to or including 1.05, occurring in vdateUsr.asp through the Uname (UserName) parameter. The issue arises from improper handling of user input, allowing remote attackers to execute arbitrary SQL commands. Public references inc...