CVE-2006-2954
CVE-2006-2954 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the Project parameter.
Learn more about our Cis Benchmark Audit For Microsoft Office.