Required CVE Record Information
Description
SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands via a ws_auth cookie, a different vulnerability than CVE-2006-4782.
References 3 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- exchange.xforce.ibmcloud.com: webspell-login-sql-injection(32669) vdb-entryx_transferred
- securityreason.com: 2337 third-party-advisoryx_transferred
- securityfocus.com: 20070222 WebSpell > 4.0 Authentication Bypass and arbitrary code execution mailing-listx_transferred