CVE-2002-0581 Information

Description

WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read modify or steal credentials from the database via the Qry parameter in the sprc.asp script.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-04/0273.html http://www.iss.net/security_center/static/8903.php http://www.securityfocus.com/bid/4555