WmsCms Multiple SQL Injection Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URIs are available:

http://www.example.com/default.asp?search=[SQL Injection]
http://www.example.com/default.asp?sbr=[SQL Injection]
http://www.example.com/default.asp?pid=[SQL Injection]
http://www.example.com/default.asp?sbl=[SQL Injection]
http://www.example.com/default.asp?FilePath=[SQL Injection]
http://www.example.com/printpage.asp?sbr=[SQL Injection]
http://www.example.com/printpage.asp?pr=[SQL Injection]
http://www.example.com/printpage.asp?psPrice=[SQL Injection]


 

Privacy Statement
Copyright 2010, SecurityFocus