CVE-2014-3446
CVE-2014-3446 describes an unauthenticated SQL injection in BSS Continuity CMS 4.2.22640.0, specifically in wcm/system/pages/admin/getnode.aspx via the nodeid parameter. The vulnerability arises from lack of input sanitization when constructing an SQL query to retrieve node information, allowing ...