CVE-2008-2767 Information

Description

SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to execute arbitrary SQL commands via the orderby parameter.

Reference

http://bugreport.ir/index.php?/41 http://marc.info/?l=bugtraq&m=121322052622903&w=2 http://securityreason.com/securityalert/3950 http://www.securityfocus.com/bid/29672 https://exchange.xforce.ibmcloud.com/vulnerabilities/43055