CVE-2006-3348

Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 Beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in report.php and (2) level parameter in custom_buttons.php.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:swsoft:hspcomplete:*:*:*:*:*:*:*:*
cpe:2.3:a:swsoft:hspcomplete:3.2.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-07-03 19:05

Updated : 2024-02-28 10:42


NVD link : CVE-2006-3348

Mitre link : CVE-2006-3348

CVE.ORG link : CVE-2006-3348


JSON object : View

Products Affected

swsoft

  • hspcomplete