CVE-2008-6152 Information

Description

SQL injection vulnerability in deptdisplay.asp in SepCity Faculty Portal allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: this was originally reported for Lawyer Portal which does not have a deptdisplay.asp file.

Reference

http://secunia.com/advisories/33357 http://www.securityfocus.com/bid/33040 https://exchange.xforce.ibmcloud.com/vulnerabilities/47621 https://www.exploit-db.com/exploits/7610