CVE-2014-2043 Information

Description

SQL injection vulnerability in Resources/System/Templates/Data.aspx in Procentia IntelliPen before 1.1.18.1658 allows remote authenticated users to execute arbitrary SQL commands via the value parameter.

Reference

http://seclists.org/fulldisclosure/2014/Mar/103 http://www.exploit-db.com/exploits/32212 http://www.securityfocus.com/archive/1/531426/100/0/threaded https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2043