CVE-2012-4060

Publication date

2012-07-25 21:00:00

Family

mitre

State

PUBLISHED

Description

Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) profile.asp, (2) forum.asp, or (3) topic.asp.