Description
SQL injection vulnerability in bpg/publications_list.asp in BPG-InfoTech Easy Publisher and Smart Publisher//Pro 2.7.7 allows remote attackers to execute arbitrary SQL commands via the vjob parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Affected products
- bpg-infotech / easy_publisher2.7.7 – 2.7.7
- bpg-infotech / smart_publisher_pro2.7.7 – 2.7.7
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/4514
- VENDOR_ADVISORYhttp://secunia.com/advisories/22888
- MISChttp://www.securityfocus.com/bid/21094