2 matches found
U.S. Dept Of Defense: SQL Injection - data[account][id] parameter
A SQL injection vulnerability was discovered in the "dataaccountid" parameter on the website. The vulnerability allowed for the manipulation of SQL queries executed by the backend database. The impact of this vulnerability was not specified...
U.S. Dept Of Defense: POST XSS - data[account][id] parameter
A Cross-Site Scripting XSS vulnerability was discovered in the POST method through the "dataaccountid" parameter. The vulnerability allowed the injection of malicious scripts that could be executed. The affected system was located on a system host. The vulnerability was not assigned a CVE number...