CVE-2006-2954 Information
Feb 14, 2021
cve
Description
SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the Project parameter.
Reference
http://pridels0.blogspot.com/2006/06/officeflow-26-vuln.html http://secunia.com/advisories/20545 http://securitytracker.com/id?1016255 http://www.securityfocus.com/bid/18367 http://www.vupen.com/english/advisories/2006/2246 https://exchange.xforce.ibmcloud.com/vulnerabilities/27023
Share on: