SQL injection vulnerability in the Update_Events function in events_functions.asp in MaxWebPortal 1.33 and previous versions allows remote malicious users to execute arbitrary SQL commands via the EVENT_ID parameter, as demonstrated using events.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
maxwebportal maxwebportal |