|
|
FuseTalk CVE-2007-3705 SQL-Injection Vulnerability
FuseTalk is prone to a sql-injection vulnerability. SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm. |
|
Privacy Statement |