Security Advisory
CVE-2012-4060
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) profile.asp, (2) forum.asp, or (3) topic.asp.