CVE-2004-1498

CVE-2004-1498

EPSS 1.2%

SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://marc.info/?l=bugtraq&m=109943858026542&w=2 http://secunia.com/advisories/13079 http://www.hat-squad.com/en/000077.html http://www.securityfocus.com/bid/11586