Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) ID parameter in an USUB action to default.asp and the (2) Licence[SpecialLicenseNumber] (aka LicenceId) cookie to edit/default.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
doitlive cms |