CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3CVE-2012-4060 – XM Forum - 'id' Multiple SQL Injections
https://notcve.org/view.php?id=CVE-2012-4060
Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) profile.asp, (2) forum.asp, or (3) topic.asp. Múltiples vulnerabilidades de inyección SQL en ASP-DEv XM Forums RC3, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id de (1) profile.asp, (2) forum.asp, or (3) topic.asp. • https://www.exploit-db.com/exploits/37119 http://packetstormsecurity.org/files/112259/ASP-DEv-XM-Forums-SQL-Injection.html http://www.securityfocus.com/bid/53292 https://exchange.xforce.ibmcloud.com/vulnerabilities/75261 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •