Sql injection

DISPUTED SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely fr...

CVE-2006-0897

SQL injection vulnerability in VCS Virtual Program Management Intranet (VPMi) Enterprise 3.3 via the UpdateID0 parameter to Service_Requests.asp. The vendor disputes the issue, citing a protected state-management system, while third-party sources suggest the original researcher may have triggered...