2 matches found
CVE-2010-5001
SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-5001
The CVE-2010-5001 entry concerns the esoftpro Online Contact Manager 3.0. The vulnerability is a SQL injection in view.php triggered by the id parameter, allowing remote attackers to execute arbitrary SQL commands. Root cause is unsanitized input in the id parameter leading to unintended query ma...