SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the cha parameter.
asp-cms asp-cms 1.0