CVE-2006-3348

Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 Beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in report.php and (2) level parameter in custom_buttons.php.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:swsoft:hspcomplete:*:*:*:*:*:*:*:*
cpe:2.3:a:swsoft:hspcomplete:3.2.2:*:*:*:*:*:*:*

History

21 Nov 2024, 00:13

Type Values Removed Values Added
References () http://pridels0.blogspot.com/2006/06/hspcomplete-vuln.html - () http://pridels0.blogspot.com/2006/06/hspcomplete-vuln.html -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/27379 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/27379 -

Information

Published : 2006-07-03 19:05

Updated : 2024-11-21 00:13


NVD link : CVE-2006-3348

Mitre link : CVE-2006-3348

CVE.ORG link : CVE-2006-3348


JSON object : View

Products Affected

swsoft

  • hspcomplete