Home Vendor Advisories Open Source Vul DB Dragon Internet Events Listing event_searchdetail.asp ID Variable SQL Injection

Wednesday, 03 December 2008

Main Menu Home About us Contact us Services Partners Downloads Online Services Remote Support Helpdesk Backup Reminders Partners We ensure the highest level of vendor support for our clients & have established alliances with the following vendors: Services Spotlight Infrastructure Security Security is not one size fits all, that is why we tailor our services to your requirements. We offer a wide range of security services to assist you with any aspect of your information security requirements. Read more...   Login Username Password Remember me Lost Password? Tech Zone Vendor Advisories Cisco Microsoft Open Source Vul DB Products Industry News

Dragon Internet Events Listing event_searchdetail.asp ID Variable SQL Injection Thursday, 16 November 2006 Events Listing contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'event_searchdetail.asp' script not properly sanitizing user-supplied input to the 'ID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more...

This page was loaded in 0.052 seconds.