Multiple SQL injection vulnerabilities in the login in web_reports/cgi-bin/InfoStation.cgi in Innovative vtls-Virtua prior to 2013.2.4 and 2014.x prior to 2014.1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
iii vtls-virtua 2014.1.0 |
||
iii vtls-virtua 2013.2.3 |