CVE-2006-2954

CVE-2006-2954 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the Project parameter.

Learn more about our Cis Benchmark Audit For Microsoft Office.