Description
SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action.
Affected products
- alstrasoft / web_email_script_enterprise_nil_ – _nil_