Vulnerabilities

CVE-2011-3688

by Fred · 27/09/2011

Multiple SQL injection vulnerabilities in Sonexis ConferenceManager 9.3.14.0 allow remote attackers to execute arbitrary SQL commands via (1) the g parameter to Conference/Audio/AudioResourceContainer.asp or (2) the txtConferenceID parameter to Login/HostLogin.asp.

Date published : 2011-09-27

http://www.solutionary.com/index/SERT/Vuln-Disclosures/Sonexis-SQL-Injection.html

http://securityreason.com/securityalert/8401

Similar

Tags: Cybersecurity Alert