Multiple SQL injection vulnerabilities in eshtery CMS (aka eshtery.com) allow remote attackers to execute arbitrary SQL commands via the (1) Criteria field in an unspecified form related to catlgsearch.aspx or (2) user name to an unspecified form related to adminlogin.aspx.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-09-16T19:39:00
Updated: 2017-08-16T14:57:01
Reserved: 2010-09-16T00:00:00
Link: CVE-2010-3404
JSON object: View
NVD Information
Status : Modified
Published: 2010-09-16T20:00:04.280
Modified: 2017-08-17T01:32:57.557
Link: CVE-2010-3404
JSON object: View
Redhat Information
No data.
CWE