CVE-2010-2317
CVE-2010-2317 concerns multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier. The flaws allow remote attackers to inject arbitrary SQL through specific parameters: default.asp: (1) search, (2) sbr, (3) pid, (4) sbl, (5) FilePath; and printpage.asp: (6) sbr, (7) pr, (8) psPrice. The des...