Multiple SQL Injection Vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2

Multiple SQL Injection Vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2

CVE-2011-2181 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2 allow remote attackers to execute arbitrary SQL commands via the (1) arsc_user parameter to base/admin/edit_user.php, (2) arsc_layout_id parameter in base/admin/edit_layout.php, or (3) arsc_room parameter to base/admin/edit_room.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.