← back
CVE-2011-3688

CVE-2011-3688

EPSS 1.1%
Multiple SQL injection vulnerabilities in Sonexis ConferenceManager 9.3.14.0 allow remote attackers to execute arbitrary SQL commands via (1) the g parameter to Conference/Audio/AudioResourceContainer.asp or (2) the txtConferenceID parameter to Login/HostLogin.asp.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://securityreason.com/securityalert/8401http://www.solutionary.com/index/SERT/Vuln-Disclosures/Sonexis-SQL-Injection.html