SQL injection vulnerability in the keyword parameter of KesionCMS KS.LogPoint.asp page
KesionCMS is Xiamen Kesion Software Co., Ltd. developed a set of universal station-building system. A SQL injection vulnerability exists in the keyword parameter of KesionCMS KS.LogPoint.asp page. Because the background page KS.LogPoint.asp does not strictly filter the parameter keyword, an...