CVE-2002-0581

WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script.

Date published : 2002-06-11

http://www.securityfocus.com/bid/4555

http://archives.neohapsis.com/archives/bugtraq/2002-04/0273.html