2 matches found
Sql injection
SQL injection vulnerability in artreplydelete.asp in ASP EDGE 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via a username cookie, a different vector than CVE-2007-0560...
CVE-2007-0560
CVE-2007-0560 describes an SQL injection vulnerability in user.asp for ASP EDGE versions 1.2b and earlier, exploitable remotely via the user parameter. The flaw allows an attacker to inject arbitrary SQL commands, potentially impacting confidentiality and integrity and enabling partial availabili...