CVE-2005-0302 Information

Description

SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to execute arbitrary SQL commands via the referer field in the HTTP header.

Reference

http://marc.info/?l=bugtraq&m=110636597832556&w=2 http://www.securiteam.com/windowsntfocus/5TP0Q0UEKI.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19013