Remote SQL Injection Vulnerability in WorkforceROI Xpede 4.1

Remote SQL Injection Vulnerability in WorkforceROI Xpede 4.1

CVE-2002-0581 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.