Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET prior to 4.125.002 allow (1) remote malicious users to execute arbitrary SQL commands via the SurveyID parameter to survey/ReviewReadOnlySurvey.aspx or (2) remote authenticated users to execute arbitrary SQL commands via the SurveyID parameter to survey/UploadImagePopupToDb.aspx.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
classapps selectsurvey.net |
||
classapps selectsurvey.net 4.125.000 |