3 matches found
Sql injection
DISPUTED SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely fr...
CVE-2006-0897
SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
PT-2006-1943 · Vcs · Vcs Virtual Program Management Intranet (Vpmi) Enterprise
Name of the Vulnerable Software and Affected Versions: VCS Virtual Program Management Intranet VPMi Enterprise version 3.3 Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to "Service Requests.asp". The vendor has disputed th...