CVE-2007-3677
CVE-2007-3677 affects Maxsi eVisit Analyst. Multiple SQL injection vulnerabilities allow remote attackers to supply id to (1) idsp1.pl, (2) ip.pl, and (3) einsite_director.pl, enabling arbitrary SQL execution and potentially path disclosure through error messages. Exploitation details and fixes a...