CVE-2012-3477

CVE-2012-3477

EPSS 1.2%

SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://adamcaudill.com/2012/08/12/neoinvoice-blind-sql-injection-cve-2012-3477/http://archives.neohapsis.com/archives/bugtraq/2012-08/0087.html