NuytsTech Security

CVE-2010-0614

by ·

SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions.

Date published : 2010-02-11

http://www.securityfocus.com/bid/38116

http://www.securityfocus.com/archive/1/509370/100/0/threaded

Tags: