2008-07-09 19:00:00
mitre
PUBLISHED
SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.