CVE-2007-4208

Publication date

2007-08-08 01:52:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote attackers to execute arbitrary SQL commands via the (1) Users_Email or (2) Users_Password parameter in an ExecuteTheLogin action.