CVE-2008-3266
The CVE-2008-3266 entry describes a SQL injection vulnerability in the SoftAcid Hotel Reservation System (HRS) Multi, specifically in picture_pic_bv.asp via the key parameter. The root cause is improper input handling that allows an attacker to terminate the existing query and inject arbitrary SQ...