2 matches found
CVE-2008-5632
Connected documents corroborate a SQL injection vulnerability in Active Time Billing 3.2, specifically in Account.asp, exploitable via the username and password parameters (possibly related to start.asp). The root cause is not explicitly detailed beyond the injection vector. No remediation, patch...
CVE-2008-5632
SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information...