Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and previous versions allow remote malicious users to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
g2soft pentacle in-out board 6.03 |