SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote malicious users to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
iisprotect iisprotect |