Home Vendor Advisories Open Source Vul DB Dragon Internet Events Listing venue_detail.asp VenueID Variable SQL Injection

Wednesday, 03 December 2008

Main Menu Home About us Contact us Services Partners Downloads Online Services Remote Support Helpdesk Backup Reminders Partners We ensure the highest level of vendor support for our clients & have established alliances with the following vendors: Services Spotlight System Integration   Whether you're in need of a simple file-sharing solution or a solution for a standard nation-wide remote access solution, we can determine the solution best meets your needs, and implement it. Read more...   Login Username Password Remember me Lost Password? Tech Zone Vendor Advisories Cisco Microsoft Open Source Vul DB Products Industry News

Dragon Internet Events Listing venue_detail.asp VenueID Variable SQL Injection Thursday, 16 November 2006 Events Listing contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'venue_detail.asp' script not properly sanitizing user-supplied input to the 'VenueID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more...

This page was loaded in 0.343 seconds.