Arbitrary SQL Command Execution in Digital Interchange Calendar 5.8.5

Arbitrary SQL Command Execution in Digital Interchange Calendar 5.8.5

CVE-2010-5023 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter.

Learn more about our Web Application Penetration Testing UK.