SQL injection vulnerability in activeWeb contentserver prior to 5.6.2964 allows remote authenticated users with edit permission to execute arbitrary SQL commands via the id parameter to admin/picture/picture_real_edit.asp, and probably other unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
activeweb contentserver |