CVE-2010-1599

Publication date

2010-04-29 17:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers to execute arbitrary SQL commands via the id_sp parameter.