CVE-2008-6380

Description

SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter.

Affected products

activewebsoftwares / active_web_helpdesk2.0 – 2.0

References

EXPLOIThttps://www.exploit-db.com/exploits/7298
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/46905
MISChttp://www.securityfocus.com/bid/32548
VENDOR_ADVISORYhttp://secunia.com/advisories/32911