Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 Beta and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) type parameter in report.php and (2) level parameter in custom_buttons.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
swsoft hspcomplete |
||
swsoft hspcomplete 3.2.2 |