CVE-2010-4736
GateSoft DocuSafe 4.1.0 and 4.1.2 are affected by an SQL injection in ECO.asp, exploitable via the ECO_ID parameter. Multiple sources (NVD, OpenVAS) corroborate a vulnerability allowing remote execution of arbitrary SQL commands through that parameter. The underlying issue is a flaw in input hand...